author | Jeremy Harris <jgh146exb@wizmail.org> | 2018-02-17 16:53:27 +0000 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2018-02-17 16:53:27 +0000 |
commit | b808677c8f0d6a1cf93ff75f4ad5b1199bd85311 (patch) | |
tree | ff274ab3a3a0685a37d1451fba145c6f618742c5 | |
parent | a5c60e3c951f141cfd38ac1d05eea15743206c9a (diff) |
Fix memory leak during multi-message reception using STARTTLS
Reported-by: Wolfgang Breyha
-rw-r--r-- | doc/doc-txt/ChangeLog | 4 | ||||
-rw-r--r-- | src/src/tls-gnu.c | 3 | ||||
-rw-r--r-- | src/src/tls-openssl.c | 2 |
3 files changed, 7 insertions, 2 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 988c509bb..c5a506c16 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -106,6 +106,10 @@ JH/19 Speed up macro lookups during configuration file read, by skipping non- JH/20 DANE support moved from Experimental to mainline. The Makefile control for the build is renamed. +JH/21 Fix memory leak during multi-message connections using STARTTLS. A buffer + was allocated for every new TLS startup, meaning one per message. Fix + by only allocating once (OpenSSL) or freeing on TLS-close (GnuTLS). + Exim version 4.90 ----------------- diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c index dab96974c..38e8eab09 100644 --- a/src/src/tls-gnu.c +++ b/src/src/tls-gnu.c @@ -2464,9 +2464,10 @@ gnutls_certificate_free_credentials(state->x509_cred); state->tlsp->active = -1; +if (state->xfer_buffer) store_free(state->xfer_buffer); memcpy(state, &exim_gnutls_state_init, sizeof(exim_gnutls_state_init)); -if ((state_server.session == NULL) && (state_client.session == NULL)) +if (!state_server.session && !state_client.session) { gnutls_global_deinit(); exim_gnutls_base_init_done = FALSE; diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c index 71d748f5c..7a6e8bfdf 100644 --- a/src/src/tls-openssl.c +++ b/src/src/tls-openssl.c @@ -2095,7 +2095,7 @@ DEBUG(D_tls) smtp_read_response()/ip_recv(). Hence no need to duplicate for _in and _out. */ -ssl_xfer_buffer = store_malloc(ssl_xfer_buffer_size); +if (!ssl_xfer_buffer) ssl_xfer_buffer = store_malloc(ssl_xfer_buffer_size); ssl_xfer_buffer_lwm = ssl_xfer_buffer_hwm = 0; ssl_xfer_eof = ssl_xfer_error = 0; |
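Review bot: In the src/src/tls-gnu.c hunk, the added `if (state->xfer_buffer) store_free(state->xfer_buffer);` leaves a dangling pointer that is only cleared by the `memcpy` from `exim_gnutls_state_init` on the next line. The free is therefore safe only while that template keeps `xfer_buffer` NULL and nothing returns between the two statements. I would make this explicit with `state->xfer_buffer = NULL;` straight after the free, or with a comment such as `/* pointer is reset by the state re-init below; keep these adjacent */`, since a second close on the same state would otherwise be a double free. The buffer presumably held decrypted SMTP traffic, so it is worth confirming whether it should be wiped before release. The enclosing function starts and ends outside the hunk, so the initialiser and any early returns are not visible here.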
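Review bot: In the src/src/tls-openssl.c hunk, the new guard `if (!ssl_xfer_buffer) ssl_xfer_buffer = store_malloc(ssl_xfer_buffer_size);` depends on two things that are not visible here: that `ssl_xfer_buffer` starts out NULL, and that no close or error path frees it without resetting it to NULL. If either fails, the next STARTTLS reads into freed or uninitialised memory instead of leaking. The reused buffer also keeps the previous session's bytes beyond the reset `ssl_xfer_buffer_lwm`/`ssl_xfer_buffer_hwm` marks, and it would be undersized if `ssl_xfer_buffer_size` could ever grow between sessions. A comment on the line, e.g. `/* allocated once per process and reused for every TLS session; never freed */`, would record the lifetime the ChangeLog entry describes. The enclosing function starts and ends outside the hunk.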