From a64aa442c18e7ea498bb9a03d150a5e0a56be509 Mon Sep 17 00:00:00 2001 From: Tom Atkinson Date: Tue, 28 Mar 2017 14:14:05 +0200 Subject: [PATCH] crypto: fix memory leak if certificate is revoked The additional validity checks applied to StartCom and WoSign certificates failed to free memory before returning. Refs: https://github.com/nodejs/node/pull/9469 Fixes: https://github.com/nodejs/node/issues/12033 PR-URL: https://github.com/nodejs/node/pull/12089 Reviewed-By: Sam Roberts Reviewed-By: Fedor Indutny Reviewed-By: Ben Noordhuis Reviewed-By: Myles Borins Reviewed-By: Shigeki Ohtsu Reviewed-By: Colin Ihrig --- src/node_crypto.cc | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/node_crypto.cc b/src/node_crypto.cc index 85d030312ca7ac..f00d75761c63c7 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -2760,7 +2760,9 @@ inline bool CertIsStartComOrWoSign(X509_NAME* name) { startcom_wosign_data = dn.data; startcom_wosign_name = d2i_X509_NAME(nullptr, &startcom_wosign_data, dn.len); - if (X509_NAME_cmp(name, startcom_wosign_name) == 0) + int cmp = X509_NAME_cmp(name, startcom_wosign_name); + X509_NAME_free(startcom_wosign_name); + if (cmp == 0) return true; } @@ -2805,8 +2807,10 @@ inline CheckResult CheckWhitelistedServerCert(X509_STORE_CTX* ctx) { } X509* leaf_cert = sk_X509_value(chain, 0); - if (!CheckStartComOrWoSign(root_name, leaf_cert)) + if (!CheckStartComOrWoSign(root_name, leaf_cert)) { + sk_X509_pop_free(chain, X509_free); return CHECK_CERT_REVOKED; + } // When the cert is issued from either CNNNIC ROOT CA or CNNNIC EV // ROOT CA, check a hash of its leaf cert if it is in the whitelist.