[Python-checkins] cpython (3.4): fix memory leak in _get_crl_dp (closes #25569)

benjamin.peterson python-checkins at python.org
Thu Nov 12 01:14:46 EST 2015

• Previous message (by thread): [Python-checkins] cpython (merge 3.5 -> default): merge 3.5 (#25569)
• Next message (by thread): [Python-checkins] cpython (3.4): always set OP_NO_SSLv3 by default (closes #25530)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

https://hg.python.org/cpython/rev/aabe273b20ab
changeset: 99067:aabe273b20ab
branch: 3.4
parent: 99063:b13960fc5fd4
user: Benjamin Peterson <benjamin at python.org>
date: Wed Nov 11 22:07:38 2015 -0800
summary:
 fix memory leak in _get_crl_dp (closes #25569)
Patch started by Stéphane Wirtel.
files:
 Misc/NEWS | 2 +
 Modules/_ssl.c | 54 +++++++++++++++++--------------------
 2 files changed, 27 insertions(+), 29 deletions(-)
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -107,6 +107,8 @@
 at the end if the FileInput was opened with binary mode.
 Patch by Ryosuke Ito.
 
+- Issue #25569: Fix memory leak in SSLSocket.getpeercert().
+
 - Issue #21827: Fixed textwrap.dedent() for the case when largest common
 whitespace is a substring of smallest leading whitespace.
 Based on patch by Robert Li.
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -1027,25 +1027,23 @@
 static PyObject *
 _get_crl_dp(X509 *certificate) {
 STACK_OF(DIST_POINT) *dps;
- int i, j, result;
- PyObject *lst;
+ int i, j;
+ PyObject *lst, *res = NULL;
 
 #if OPENSSL_VERSION_NUMBER < 0x10001000L
- dps = X509_get_ext_d2i(certificate, NID_crl_distribution_points,
- NULL, NULL);
+ dps = X509_get_ext_d2i(certificate, NID_crl_distribution_points, NULL, NULL);
 #else
 /* Calls x509v3_cache_extensions and sets up crldp */
 X509_check_ca(certificate);
 dps = certificate->crldp;
 #endif
 
- if (dps == NULL) {
+ if (dps == NULL)
 return Py_None;
- }
-
- if ((lst = PyList_New(0)) == NULL) {
- return NULL;
- }
+
+ lst = PyList_New(0);
+ if (lst == NULL)
+ goto done;
 
 for (i=0; i < sk_DIST_POINT_num(dps); i++) {
 DIST_POINT *dp;
@@ -1058,6 +1056,7 @@
 GENERAL_NAME *gn;
 ASN1_IA5STRING *uri;
 PyObject *ouri;
+ int err;
 
 gn = sk_GENERAL_NAME_value(gns, j);
 if (gn->type != GEN_URI) {
@@ -1066,28 +1065,25 @@
 uri = gn->d.uniformResourceIdentifier;
 ouri = PyUnicode_FromStringAndSize((char *)uri->data,
 uri->length);
- if (ouri == NULL) {
- Py_DECREF(lst);
- return NULL;
- }
- result = PyList_Append(lst, ouri);
+ if (ouri == NULL)
+ goto done;
+
+ err = PyList_Append(lst, ouri);
 Py_DECREF(ouri);
- if (result < 0) {
- Py_DECREF(lst);
- return NULL;
- }
+ if (err < 0)
+ goto done;
 }
 }
- /* convert to tuple or None */
- if (PyList_Size(lst) == 0) {
- Py_DECREF(lst);
- return Py_None;
- } else {
- PyObject *tup;
- tup = PyList_AsTuple(lst);
- Py_DECREF(lst);
- return tup;
- }
+
+ /* Convert to tuple. */
+ res = (PyList_GET_SIZE(lst) > 0) ? PyList_AsTuple(lst) : Py_None;
+
+ done:
+ Py_XDECREF(lst);
+#if OPENSSL_VERSION_NUMBER < 0x10001000L
+ sk_DIST_POINT_free(dsp);
+#endif
+ return res;
 }
 
 static PyObject *
-- 
Repository URL: https://hg.python.org/cpython

---

• Previous message (by thread): [Python-checkins] cpython (merge 3.5 -> default): merge 3.5 (#25569)
• Next message (by thread): [Python-checkins] cpython (3.4): always set OP_NO_SSLv3 by default (closes #25530)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Python-checkins mailing list