[xmlsec] Possible - memory leak in xmlSecX509DataDestroy
Aleksey Sanin
aleksey at aleksey.com
Fri Jul 19 07:07:36 PDT 2002
No, you are wrong. There are two cases:
1) The cert assigned to x509Data->verified is in the x509Data->certs
stack
and then it freed with x509Data->certs stack
2) The x509Data->certs stack is empty (NULL) and then x509Data->verified
is freed by itself
There is an nice memory checker "Valgrind"
(http://developer.kde.org/~sewardj/)
available on Linux :)
Aleksey
llucky at mail.ru wrote:
>Hello Aleksey,
>
>Source code of xmlSecX509DataDestroy function have
>this:
>...
> if(x509Data->certs != NULL) {
> sk_X509_pop_free(x509Data->certs, X509_free);
> } else if(x509Data->verified != NULL) {
> X509_free(x509Data->verified);
> }
>...
>
>-> but in xmlSecX509StoreVerify where have
>code assigning x509Data->verified value,
>not have code for free x509Data->certs and assigning NULL.
> xmlSecX509StoreVerify code:
> ...
> if(ret == 1) {
> x509Data->verified = cert;
> return(1);
> }
>...
>
>in this case x509Data->verified never free.
>
>
>
>
>
More information about the xmlsec
mailing list