mirror of
https://github.com/python/cpython.git
synced 2025-10-03 05:35:59 +00:00
[3.5] bpo-29738: Fix memory leak in _get_crl_dp (GH-526) (GH-1143)
* Remove conditional on free of `dps`, since `dps` is now allocated for
all versions of OpenSSL
* Remove call to `x509_check_ca` since it was only used to cache
the `crldp` field of the certificate
CRL_DIST_POINTS_free is available in all supported versions of OpenSSL
(recent 0.9.8+) and LibreSSL.
(cherry picked from commit 2849cc34a8)
This commit is contained in:
Mariatta
GitHub
parent
d960d766cf
commit
c40740cf06
1 changed files with 1 additions and 7 deletions
|
|
@ -1181,10 +1181,6 @@ _get_crl_dp(X509 *certificate) {
|
||||||
int i, j;
|
int i, j;
|
||||||
PyObject *lst, *res = NULL;
|
PyObject *lst, *res = NULL;
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER >= 0x10001000L
|
|
||||||
/* Calls x509v3_cache_extensions and sets up crldp */
|
|
||||||
X509_check_ca(certificate);
|
|
||||||
#endif
|
|
||||||
dps = X509_get_ext_d2i(certificate, NID_crl_distribution_points, NULL, NULL);
|
dps = X509_get_ext_d2i(certificate, NID_crl_distribution_points, NULL, NULL);
|
||||||
|
|
||||||
if (dps == NULL)
|
if (dps == NULL)
|
||||||
|
|
@ -1229,9 +1225,7 @@ _get_crl_dp(X509 *certificate) {
|
||||||
|
|
||||||
done:
|
done:
|
||||||
Py_XDECREF(lst);
|
Py_XDECREF(lst);
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10001000L
|
CRL_DIST_POINTS_free(dps);
|
||||||
sk_DIST_POINT_free(dps);
|
|
||||||
#endif
|
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue