SSL: missing free calls in $ssl_client_s_dn and $ssl_client_i_dn. If X509_get_issuer_name() or X509_get_subject_name() returned NULL, this could lead to a certificate reference leak. It cannot happen in practice though, since each function returns an internal pointer to a mandatory subfield of the certificate successfully decoded by d2i_X509() during certificate message processing (closes #1751).

commit: 6d15d261cefeb5da853d22ad9562ea9b2bcd26b1 [log] [tgz]
author: Nikolay Morozov <n.morozov@securitycode.ru> Tue Mar 26 09:33:57 2019 +0300
committer: Nikolay Morozov <n.morozov@securitycode.ru> Tue Mar 26 09:33:57 2019 +0300
tree: a4a1bda1424a856d29612505a0a4ffeac0125a6e
parent: 7a12b3b64d04f703ab95e33c41cbf005704b4b79 [diff]
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
index bee264c..7be4fb4 100644
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c

@@ -4622,6 +4622,7 @@
 
     name = X509_get_subject_name(cert);
     if (name == NULL) {
+        X509_free(cert);
         return NGX_ERROR;
     }
 
@@ -4673,6 +4674,7 @@
 
     name = X509_get_issuer_name(cert);
     if (name == NULL) {
+        X509_free(cert);
         return NGX_ERROR;
     }
commit	6d15d261cefeb5da853d22ad9562ea9b2bcd26b1	[log] [tgz]
author	Nikolay Morozov <n.morozov@securitycode.ru>	Tue Mar 26 09:33:57 2019 +0300
committer	Nikolay Morozov <n.morozov@securitycode.ru>	Tue Mar 26 09:33:57 2019 +0300
tree	a4a1bda1424a856d29612505a0a4ffeac0125a6e
parent	7a12b3b64d04f703ab95e33c41cbf005704b4b79 [diff]