Skip to content

Commit 8c83014

Browse files
tglsfdctglsfdc
committed
Fix memory leak when rejecting bogus DH parameters.
While back-patching e0e569e, I noted that there were some other places where we ought to be applying DH_free(); namely, where we load some DH parameters from a file and then reject them as not being sufficiently secure. While it seems really unlikely that anybody would hit these code paths in production, let alone do so repeatedly, let's fix it for consistency. Back-patch to v10 where this code was introduced. Discussion: https://postgr.es/m/16160-18367e56e9a28264@postgresql.org
1 parent c49e287 commit 8c83014

File tree

1 file changed

+3
-0
lines changed

1 file changed

+3
-0
lines changed

src/backend/libpq/be-secure-openssl.c

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -814,13 +814,15 @@ load_dh_file(char *filename, bool isServerStart)
814814
(errcode(ERRCODE_CONFIG_FILE_ERROR),
815815
errmsg("invalid DH parameters: %s",
816816
SSLerrmessage(ERR_get_error()))));
817+
DH_free(dh);
817818
return NULL;
818819
}
819820
if (codes & DH_CHECK_P_NOT_PRIME)
820821
{
821822
ereport(isServerStart ? FATAL : LOG,
822823
(errcode(ERRCODE_CONFIG_FILE_ERROR),
823824
errmsg("invalid DH parameters: p is not prime")));
825+
DH_free(dh);
824826
return NULL;
825827
}
826828
if ((codes & DH_NOT_SUITABLE_GENERATOR) &&
@@ -829,6 +831,7 @@ load_dh_file(char *filename, bool isServerStart)
829831
ereport(isServerStart ? FATAL : LOG,
830832
(errcode(ERRCODE_CONFIG_FILE_ERROR),
831833
errmsg("invalid DH parameters: neither suitable generator or safe prime")));
834+
DH_free(dh);
832835
return NULL;
833836
}
834837

0 commit comments

Comments
 (0)