diff options
| author | Kazuki Yamaguchi <[email protected]> | 2025-04-20 16:22:01 +0900 |
|---|---|---|
| committer | git <[email protected]> | 2025-05-15 16:51:15 +0000 |
| commit | 06a56a7ffcb053d5bc45b9a984082d9301d6819c () | |
| tree | 62350e6ffb92eec83374dc36bf9096e20cd9c828 /ext | |
| parent | b43c7cf8c41e86f4ecefbd605bef17625c69ed1a (diff) | |
[ruby/openssl] ssl: fix potential memory in SSLContext#setup
If SSL_CTX_add_extra_chain_cert() fails, the refcount of x509 must be handled by the caller. This should only occur due to a malloc failure inside the function. https://.com/ruby/openssl/commit/80bcf727dc
| -rw-r--r-- | ext/openssl/ossl_ssl.c | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -430,8 +430,9 @@ ossl_sslctx_add_extra_chain_cert_i(RB_BLOCK_CALL_FUNC_ARGLIST(i, arg)) GetSSLCTX(arg, ctx); x509 = DupX509CertPtr(i); - if(!SSL_CTX_add_extra_chain_cert(ctx, x509)){ - ossl_raise(eSSLError, NULL); } return i; |