SSL_free(context) when SSL_connect fails, plugging memleak. By Seiichi Ikarashi.

svn path=/branches/BRANCH_6-3/; revision=5237

diff --git a/NEWS b/NEWS
index 5b89f6b33f52d28bfc78f434808f6bfb501b1b92..57bf52b68c801691dcf6080c13f7cdba55d78f6c 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -88,6 +88,10 @@ fetchmail 6.3.9 (not yet released):
 * Only print "Deleting fetchids file" if there actually is one.
   Fixes Debian Bug#374514, reported by Dan Jacobson.
 * SSL fix: check and report if SSL_set_fd fails.
+* SSL fix: close memory leak when SSL connection fails; fetchmail used to forget
+  calling SSL_free() on the SSL context, leaking in excess of 1/2 MB RAM on a
+  x86_64 system per failed SSL connection attempt.
+  Bug reported and patch provided by Seiichi Ikarashi, Fujitsu.
 
 # CHANGES:
 * autoconf 2.60 is now required to build fetchmail; it uses

diff --git a/socket.c b/socket.c
index e943f8b29d887bf2a8ae269ac2683fcf91ba5f4f..f0691b975a7e6c30fbd3ba84d9ff62007b07cbcb 100644 (file)
--- a/socket.c
+++ b/socket.c
@@ -906,6 +906,8 @@ int SSLOpen(int sock, char *mycert, char *mykey, char *myproto, int certck, char
        if (SSL_set_fd(_ssl_context[sock], sock) == 0 
            || SSL_connect(_ssl_context[sock]) < 1) {
                ERR_print_errors_fp(stderr);
+               SSL_free( _ssl_context[sock] );
+               _ssl_context[sock] = NULL;
                SSL_CTX_free(_ctx[sock]);
                _ctx[sock] = NULL;
                return(-1);