From aa1c967f93e7cbc28c964369af13c3e444407a22 Mon Sep 17 00:00:00 2001
From: Antoine Pitrou <solipsis@pitrou.net>
Date: Wed, 23 Nov 2011 01:39:19 +0100
Subject: [PATCH] Issue #13458: Fix a memory leak in the ssl module when
 decoding a certificate with a subjectAltName. Patch by Robert Xiao.

---
 Misc/NEWS      | 3 +++
 Modules/_ssl.c | 1 +
 2 files changed, 4 insertions(+)

diff --git a/Misc/NEWS b/Misc/NEWS
index 1a92e2ad95f..be93de46d83 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -79,6 +79,9 @@ Core and Builtins
 Library
 -------
 
+- Issue #13458: Fix a memory leak in the ssl module when decoding a
+  certificate with a subjectAltName.  Patch by Robert Xiao.
+
 - Issue #13415: os.unsetenv() doesn't ignore errors anymore.
 
 - Issue #13322: Fix BufferedWriter.write() to ensure that BlockingIOError is
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index dd616608174..becf6a50b3d 100644
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -798,6 +798,7 @@ _get_peer_alt_names (X509 *certificate) {
             }
             Py_DECREF(t);
         }
+        sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
     }
     BIO_free(biobuf);
     if (peer_alt_names != Py_None) {