Andre Guibert de Bruet fixed a memory leak when PKCS #12 parsing failed

2007-05-22 20:46:51 +00:00 · 2007-05-22 20:46:51 +00:00 · 96c093f27c
--- a/2
+++ b/2
@ -9,7 +9,7 @@ Daniel S (22 May 2007)
 - Andre Guibert de Bruet fixed a memory leak in the function that verifies the
  peer's name in the SSL certificate when built for OpenSSL. The leak happens
  for libcurls with CURL_DOES_CONVERSIONS enabled that fail to convert the CN
-  name from UTF8.
+  name from UTF8. He also fixed a leak when PKCS #12 parsing failed.

 Daniel S (18 May 2007)
 - Feng Tu reported that curl -w did wrong on TFTP transfers in bug report
--- a/1
+++ b/1
@ -46,6 +46,7 @@ This release includes the following bugfixes:
 o TFTP connect timouts less than 5 seconds
 o improved curl -w for TFTP transfers
 o memory leak when failed OpenSSL certificate CN field checking
+ o memory leak when OpenSSL failed PKCS #12 parsing

 This release includes the following known bugs:

--- a/lib/ssluse.c
+++ b/lib/ssluse.c
@ -377,6 +377,7 @@ int cert_stuff(struct connectdata *conn,
        failf(data,
              "could not parse PKCS12 file, check password, OpenSSL error %s",
              ERR_error_string(ERR_get_error(), NULL) );
+        PKCS12_free(p12);
        return 0;
      }