diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2009-10-29 10:00:19 +0100 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2009-10-29 10:00:19 +0100 |
| commit | f893bce3e740257485fa5c8ce4a546b7384ffaa2 (patch) | |
| tree | 6317be20a468420abb750b0374a2beeb5891d9d3 /src | |
| parent | 140816b055440067285e16169d2722906476a8e3 (diff) | |
| download | strongswan-f893bce3e740257485fa5c8ce4a546b7384ffaa2.tar.bz2 strongswan-f893bce3e740257485fa5c8ce4a546b7384ffaa2.tar.xz | |
fixed a memory leak in OCSP fetching4.3.5
Diffstat (limited to 'src')
| -rw-r--r-- | src/pluto/ocsp.c | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/src/pluto/ocsp.c b/src/pluto/ocsp.c index 226f16c50..10ebcda14 100644 --- a/src/pluto/ocsp.c +++ b/src/pluto/ocsp.c @@ -1467,6 +1467,14 @@ static void process_single_response(ocsp_location_t *location, } /** + * Destroy a response_t object + */ +static void free_response(response_t *res) +{ + DESTROY_IF(res->responder_id_name); +} + +/** * Parse and verify ocsp response and update the ocsp cache */ void parse_ocsp(ocsp_location_t *location, chunk_t blob) @@ -1479,7 +1487,7 @@ void parse_ocsp(ocsp_location_t *location, chunk_t blob) if (status != STATUS_SUCCESSFUL) { plog("error in ocsp response"); - return; + goto free; } /* check if there was a nonce in the request */ if (location->nonce.ptr && res.nonce.ptr == NULL) @@ -1490,13 +1498,13 @@ void parse_ocsp(ocsp_location_t *location, chunk_t blob) if (res.nonce.ptr && !chunk_equals(res.nonce, location->nonce)) { plog("invalid nonce in ocsp response"); - return; + goto free; } /* check if the response is signed by a trusted key */ if (!valid_ocsp_response(&res)) { plog("invalid ocsp response"); - return; + goto free; } DBG(DBG_CONTROL, DBG_log("valid ocsp response") @@ -1527,4 +1535,7 @@ void parse_ocsp(ocsp_location_t *location, chunk_t blob) end: parser->destroy(parser); } + +free: + free_response(&res); } |