From b808677c8f0d6a1cf93ff75f4ad5b1199bd85311 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sat, 17 Feb 2018 16:53:27 +0000 Subject: Fix memory leak during multi-message reception using STARTTLS Reported-by: Wolfgang Breyha --- doc/doc-txt/ChangeLog | 4 ++++ src/src/tls-gnu.c | 3 ++- src/src/tls-openssl.c | 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 988c509bb..c5a506c16 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -106,6 +106,10 @@ JH/19 Speed up macro lookups during configuration file read, by skipping non- JH/20 DANE support moved from Experimental to mainline. The Makefile control for the build is renamed. +JH/21 Fix memory leak during multi-message connections using STARTTLS. A buffer + was allocated for every new TLS startup, meaning one per message. Fix + by only allocating once (OpenSSL) or freeing on TLS-close (GnuTLS). + Exim version 4.90 ----------------- diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c index dab96974c..38e8eab09 100644 --- a/src/src/tls-gnu.c +++ b/src/src/tls-gnu.c @@ -2464,9 +2464,10 @@ gnutls_certificate_free_credentials(state->x509_cred); state->tlsp->active = -1; +if (state->xfer_buffer) store_free(state->xfer_buffer); memcpy(state, &exim_gnutls_state_init, sizeof(exim_gnutls_state_init)); -if ((state_server.session == NULL) && (state_client.session == NULL)) +if (!state_server.session && !state_client.session) { gnutls_global_deinit(); exim_gnutls_base_init_done = FALSE; diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c index 71d748f5c..7a6e8bfdf 100644 --- a/src/src/tls-openssl.c +++ b/src/src/tls-openssl.c @@ -2095,7 +2095,7 @@ DEBUG(D_tls) smtp_read_response()/ip_recv(). Hence no need to duplicate for _in and _out. */ -ssl_xfer_buffer = store_malloc(ssl_xfer_buffer_size); +if (!ssl_xfer_buffer) ssl_xfer_buffer = store_malloc(ssl_xfer_buffer_size); ssl_xfer_buffer_lwm = ssl_xfer_buffer_hwm = 0; ssl_xfer_eof = ssl_xfer_error = 0; -- cgit v1.2.3