commit d644c93ae9373f99d95870c7b752b790f8714201 Author: Nick Mathewson nickm@torproject.org Date: Tue Sep 4 19:41:59 2018 -0400

Resolve openssl-only memory leaks --- src/lib/tls/tortls_openssl.c | 2 +- src/lib/tls/x509.c | 3 +-- src/test/test_tortls_openssl.c | 2 +- 3 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c index 370e7e436..9371c9393 100644 --- a/src/lib/tls/tortls_openssl.c +++ b/src/lib/tls/tortls_openssl.c @@ -609,7 +609,7 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, if (result->my_id_cert) { X509_STORE *s = SSL_CTX_get_cert_store(result->ctx); tor_assert(s); - X509_STORE_add_cert(s, X509_dup(result->my_id_cert->cert)); + X509_STORE_add_cert(s, result->my_id_cert->cert); } } SSL_CTX_set_session_cache_mode(result->ctx, SSL_SESS_CACHE_OFF); diff --git a/src/lib/tls/x509.c b/src/lib/tls/x509.c index 442cdf2c7..0d62ee41a 100644 --- a/src/lib/tls/x509.c +++ b/src/lib/tls/x509.c @@ -128,9 +128,8 @@ tor_x509_cert_new,(tor_x509_cert_impl_t *x509_cert))

return cert; err: - tor_free(cert); log_err(LD_CRYPTO, "Couldn't wrap encoded X509 certificate."); - tor_x509_cert_impl_free(x509_cert); + tor_x509_cert_free(cert); return NULL; }

diff --git a/src/test/test_tortls_openssl.c b/src/test/test_tortls_openssl.c index 3abf41265..2e71de43a 100644 --- a/src/test/test_tortls_openssl.c +++ b/src/test/test_tortls_openssl.c @@ -600,7 +600,7 @@ test_tortls_get_my_client_auth_key(void *ignored) tt_assert(ret == expected);

done: - tor_free(expected); + crypto_pk_free(expected); tor_free(ctx); }