summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Harris <jgh146exb@wizmail.org>2018-02-17 16:53:27 +0000
committerJeremy Harris <jgh146exb@wizmail.org>2018-02-17 16:53:27 +0000
commitb808677c8f0d6a1cf93ff75f4ad5b1199bd85311 (patch)
treeff274ab3a3a0685a37d1451fba145c6f618742c5
parenta5c60e3c951f141cfd38ac1d05eea15743206c9a (diff)
Fix memory leak during multi-message reception using STARTTLS
Reported-by: Wolfgang Breyha
-rw-r--r--doc/doc-txt/ChangeLog4
-rw-r--r--src/src/tls-gnu.c3
-rw-r--r--src/src/tls-openssl.c2
3 files changed, 7 insertions, 2 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 988c509bb..c5a506c16 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -106,6 +106,10 @@ JH/19 Speed up macro lookups during configuration file read, by skipping non-
JH/20 DANE support moved from Experimental to mainline. The Makefile control
for the build is renamed.
+JH/21 Fix memory leak during multi-message connections using STARTTLS. A buffer
+ was allocated for every new TLS startup, meaning one per message. Fix
+ by only allocating once (OpenSSL) or freeing on TLS-close (GnuTLS).
+
Exim version 4.90
-----------------
diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index dab96974c..38e8eab09 100644
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -2464,9 +2464,10 @@ gnutls_certificate_free_credentials(state->x509_cred);
state->tlsp->active = -1;
+if (state->xfer_buffer) store_free(state->xfer_buffer);
memcpy(state, &exim_gnutls_state_init, sizeof(exim_gnutls_state_init));
-if ((state_server.session == NULL) && (state_client.session == NULL))
+if (!state_server.session && !state_client.session)
{
gnutls_global_deinit();
exim_gnutls_base_init_done = FALSE;
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 71d748f5c..7a6e8bfdf 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -2095,7 +2095,7 @@ DEBUG(D_tls)
smtp_read_response()/ip_recv().
Hence no need to duplicate for _in and _out.
*/
-ssl_xfer_buffer = store_malloc(ssl_xfer_buffer_size);
+if (!ssl_xfer_buffer) ssl_xfer_buffer = store_malloc(ssl_xfer_buffer_size);
ssl_xfer_buffer_lwm = ssl_xfer_buffer_hwm = 0;
ssl_xfer_eof = ssl_xfer_error = 0;