From f0c9038a369eb846f184d1347a33ebb441d3ab6b Mon Sep 17 00:00:00 2001 From: Benjamin Peterson Date: Sat, 14 Nov 2015 15:12:18 -0800 Subject: [PATCH 1/2] fix possible memory lea k in _get_aia_uri (closes #25578) --- Misc/NEWS | 2 ++ Modules/_ssl.c | 5 ++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/Misc/NEWS b/Misc/NEWS index 1390642451b..881f0351e83 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -106,6 +106,8 @@ Core and Builtins Library ------- +- Issue #25578: Fix (another) memory leak in SSLSocket.getpeercer(). + - Issue #25590: In the Readline completer, only call getattr() once per attribute. diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 23e9be767cd..064ad01dec8 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -977,7 +977,10 @@ _get_aia_uri(X509 *certificate, int nid) { AUTHORITY_INFO_ACCESS *info; info = X509_get_ext_d2i(certificate, NID_info_access, NULL, NULL); - if ((info == NULL) || (sk_ACCESS_DESCRIPTION_num(info) == 0)) { + if (info == NULL) + return Py_None; + if (sk_ACCESS_DESCRIPTION_num(info) == 0) { + AUTHORITY_INFO_ACCESS_free(info); return Py_None; } From 025a1fd9907bb439db9a812c78b8f18dbf4bad9e Mon Sep 17 00:00:00 2001 From: Benjamin Peterson Date: Sat, 14 Nov 2015 15:12:38 -0800 Subject: [PATCH 2/2] rm trailing ws --- Modules/_ssl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 064ad01dec8..d918671fc82 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -3380,7 +3380,7 @@ PySSL_get_default_verify_paths(PyObject *self) else if ((target = PyUnicode_DecodeFSDefault(tmp)) == NULL) { \ target = PyBytes_FromString(tmp); } \ if (!target) goto error; \ - } + } CONVERT(X509_get_default_cert_file_env(), ofile_env); CONVERT(X509_get_default_cert_file(), ofile);