From fc1d1ea93472985c12a4e3ae892a416de00d032e Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 24 Dec 2007 23:45:48 +0000 Subject: [PATCH] Gary Maxwell filed bug report #1856628 (http://curl.haxx.se/bug/view.cgi?id=1856628) and provided a fix for the (small) memory leak in the SSL session ID caching code. It happened when a previous entry in the cache was re-used. --- CHANGES | 6 ++++++ RELEASE-NOTES | 3 ++- lib/sslgen.c | 3 +++ 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 5ec5dd0..34a8fc2 100644 --- a/CHANGES +++ b/CHANGES @@ -6,6 +6,12 @@ Changelog +Daniel S (25 Dec 2007) +- Gary Maxwell filed bug report #1856628 + (http://curl.haxx.se/bug/view.cgi?id=1856628) and provided a fix for the + (small) memory leak in the SSL session ID caching code. It happened when a + previous entry in the cache was re-used. + Daniel Fandrich (19 Dec 2007) - Ensure that nroff doesn't put anything but ASCII characters into the --manual text. diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 12b6904..7ebe7de 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -38,6 +38,7 @@ This release includes the following bugfixes: o Expect: 100-continue flaw on re-used connection with POSTs o build fix for MSVC 9.0 (VS2008) o Windows curl builds failed file truncation when retry downloading + o SSL session ID cache memory leak This release includes the following known bugs: @@ -58,6 +59,6 @@ advice from friends like these: Dan Fandrich, Gisle Vanem, Toby Peterson, Yang Tse, Daniel Black, Robin Johnson, Michal Marek, Ates Goral, Andres Garcia, Rob Crittenden, Emil Romanus, Alessandro Vesely, Ray Pekowski, Spacen Jasset, Andrew Moise, - Gilles Blanc, David Wright, Vikram Saxena, Mateusz Loskot + Gilles Blanc, David Wright, Vikram Saxena, Mateusz Loskot, Gary Maxwell Thanks! (and sorry if I forgot to mention someone) diff --git a/lib/sslgen.c b/lib/sslgen.c index c3d4ee4..2d61960 100644 --- a/lib/sslgen.c +++ b/lib/sslgen.c @@ -384,6 +384,9 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn, store->sessionid = ssl_sessionid; store->idsize = idsize; store->age = data->state.sessionage; /* set current age */ + if (store->name) + /* free it if there's one already present */ + free(store->name) store->name = clone_host; /* clone host name */ store->remote_port = conn->remote_port; /* port number */ -- 2.7.4