pxcloud/spice-common
5
0
Fork 0
mirror of https://gitlab.uni-freiburg.de/opensourcevdi/spice-common synced 2026-01-01 04:11:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

ssl-verify: Don't leak GInetAddress

Browse Source 
GInetAddress is a GObject, so we must unref anything we create with
g_inet_address_new_*
This commit is contained in:
Christophe Fergeau 2015-10-23 11:43:22 +02:00
parent 9057e0aef3
commit 47122befcd
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
common/ssl_verify.c
View File

@ -190,9 +190,7 @@ static int verify_hostname(X509* cert, const char *hostname)
return 1;
}
} else if (name->type == GEN_IPADD) {
GInetAddress * alt_ip = NULL;
GInetAddress * ip = NULL;
gchar * alt_ip_string = NULL;
const guint8 * ip_binary = NULL;
int alt_ip_len = 0;
int ip_len = 0;
@ -211,15 +209,23 @@ static int verify_hostname(X509* cert, const char *hostname)
if ((ip_len == alt_ip_len) &&
(memcmp(ASN1_STRING_data(name->d.iPAddress), ip_binary, ip_len)) == 0) {
GInetAddress * alt_ip = NULL;
gchar * alt_ip_string = NULL;
alt_ip = g_inet_address_new_from_bytes(ASN1_STRING_data(name->d.iPAddress),
g_inet_address_get_family(ip));
alt_ip_string = g_inet_address_to_string(alt_ip);
spice_debug("alt name IP match=%s", alt_ip_string);
g_free(alt_ip_string);
g_object_unref(alt_ip);
g_object_unref(ip);
GENERAL_NAMES_free(subject_alt_names);
return 1;
}
if (ip != NULL) {
g_object_unref(ip);
}
}
}
GENERAL_NAMES_free(subject_alt_names);