[ https://issues.apache.org/jira/browse/MESOS-10041?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16980584#comment-16980584 ]
Greg Mann commented on MESOS-10041: ----------------------------------- {noformat} commit e52d0d1f25a91f9940bea4329eb5359373ee0ed0 Author: Benno Evers <bev...@mesosphere.com> Date: Fri Nov 22 12:00:43 2019 -0800 Fixed memory leak in openssl verification function. When the hostname validation scheme was set to 'openssl', the `openssl::verify()` function would return without freeing a previously allocated `X509*` object. To fix the leak, a long-standing TODO to switch to RAII-based memory management for the certificate was resolved. Review: https://reviews.apache.org/r/71805/ {noformat} > Libprocess SSL verification can leak memory > ------------------------------------------- > > Key: MESOS-10041 > URL: https://issues.apache.org/jira/browse/MESOS-10041 > Project: Mesos > Issue Type: Bug > Components: libprocess > Affects Versions: 1.9.0 > Reporter: Greg Mann > Assignee: Benno Evers > Priority: Major > Labels: libprocess, ssl > > In {{process::network::openssl::verify()}}, when the SSL hostname validation > scheme is set to "openssl", the function can return without freeing an > {{X509}} object, leading to a memory leak. -- This message was sent by Atlassian Jira (v8.3.4#803005)