pgsql: Avoid corner-case memory leak in SSL parameter processing.

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: pgsql-committers(at)lists(dot)postgresql(dot)org
Subject: pgsql: Avoid corner-case memory leak in SSL parameter processing.
Date: 2021-03-16 20:03:22
Message-ID: E1lMFuU-0006nB-2a@gemulon.postgresql.org
Lists: pgsql-committers

Avoid corner-case memory leak in SSL parameter processing.

After reading the root cert list from the ssl_ca_file, immediately
install it as the client CA list of the new SSL context. That gives the
SSL context ownership of the list, so that SSL_CTX_free will free it.
This avoids a permanent memory leak if we fail further down in
be_tls_init(), which could happen if bogus CRL data is offered.

The leak could only amount to something if the CRL parameters get
broken after server start (else we'd just quit) and then the server
is SIGHUP'd many times without fixing the CRL data. That's rather
unlikely perhaps, but it seems worth fixing, if only because the
code is clearer this way.

While we're here, add some comments about the memory management
aspects of this logic.

Noted by Jelte Fennema and independently by Andres Freund.
Back-patch to v10; before commit de41869b6 it doesn't matter,
since we'd not re-execute this code during SIGHUP.

Discussion: https://postgr.es/m/16160-18367e56e9a28264@postgresql.org

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/4b12ab18c9d0735d760bf7667b158707b06e5df8

Modified Files
--------------
src/backend/libpq/be-secure-openssl.c | 49 +++++++++++++++++++----------------
1 file changed, 27 insertions(+), 22 deletions(-)
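The ownership hand-off the commit message describes, as an added C model that is not the commit's code and does not link OpenSSL: `ca_list`, `tls_ctx`, `load_ca_list`, `ctx_set_client_ca_list`, `ctx_free` and `load_crl` are stand-ins for STACK_OF(X509_NAME), SSL_CTX, SSL_load_client_CA_file, SSL_CTX_set_client_CA_list, SSL_CTX_free and the CRL-loading step, and the sample "file" contents are constructed. `init_leaky` keeps the pre-patch order (the list is installed only after the CRL step, so a CRL failure strands it), `init_fixed` the post-patch order, and `reload_leak` plays the repeated-SIGHUP scenario from the message and returns how many lists were never freed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdbool.h>

#define MAX_CA 16

/* Stand-in for STACK_OF(X509_NAME): owned by the caller until handed to a context. */
typedef struct { char *names[MAX_CA]; size_t n; } ca_list;

/* Stand-in for SSL_CTX: owns at most one ca_list. */
typedef struct { ca_list *client_ca; } tls_ctx;

/* Number of ca_list objects allocated and not yet freed. */
static long live_lists = 0;

/* Constructed stand-ins for ssl_ca_file and ssl_crl_file contents. */
static const char SAMPLE_CA[] = "CN=Example Root A\nCN=Example Root B\n";
static const char CRL_HEADER[] = "-----BEGIN X509 CRL-----";
static const char SAMPLE_CRL[] = "-----BEGIN X509 CRL-----\nplaceholder\n-----END X509 CRL-----\n";

static void ca_list_free(ca_list *l)
{
    if (l == NULL)
        return;
    for (size_t i = 0; i < l->n; i++)
        free(l->names[i]);
    free(l);
    live_lists--;
}

/* Stand-in for SSL_load_client_CA_file: one subject name per line. */
static ca_list *load_ca_list(const char *text)
{
    if (text == NULL || *text == '\0')
        return NULL;
    ca_list *l = calloc(1, sizeof *l);
    if (l == NULL)
        return NULL;
    live_lists++;
    for (const char *p = text; *p != '\0';) {
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        if (len > 0 && l->n < MAX_CA) {
            char *name = malloc(len + 1);
            if (name == NULL) { ca_list_free(l); return NULL; }
            memcpy(name, p, len);
            name[len] = '\0';
            l->names[l->n++] = name;
        }
        p = nl ? nl + 1 : p + len;
    }
    return l;
}

static tls_ctx *ctx_new(void) { return calloc(1, sizeof(tls_ctx)); }

/* Stand-in for SSL_CTX_set_client_CA_list: the context takes ownership,
 * so ctx_free (the SSL_CTX_free counterpart) releases the list with it. */
static void ctx_set_client_ca_list(tls_ctx *ctx, ca_list *l)
{
    ca_list_free(ctx->client_ca);
    ctx->client_ca = l;
}

static void ctx_free(tls_ctx *ctx)
{
    if (ctx == NULL)
        return;
    ca_list_free(ctx->client_ca);
    free(ctx);
}

/* Stand-in for the CRL-loading step: anything that is not PEM CRL data is "bogus". */
static bool load_crl(const char *crl_text)
{
    return crl_text != NULL && strncmp(crl_text, CRL_HEADER, strlen(CRL_HEADER)) == 0;
}

/* Pre-patch order: the list is still unowned when the CRL step fails, so it leaks. */
static tls_ctx *init_leaky(const char *ca_text, const char *crl_text)
{
    tls_ctx *ctx = ctx_new();
    ca_list *cas = load_ca_list(ca_text);
    if (cas == NULL) goto error;
    if (!load_crl(crl_text)) goto error;   /* cas is stranded here */
    ctx_set_client_ca_list(ctx, cas);
    return ctx;
error:
    ctx_free(ctx);
    return NULL;
}

/* Post-patch order: hand the list to the context immediately. */
static tls_ctx *init_fixed(const char *ca_text, const char *crl_text)
{
    tls_ctx *ctx = ctx_new();
    ca_list *cas = load_ca_list(ca_text);
    if (cas == NULL) goto error;
    ctx_set_client_ca_list(ctx, cas);      /* ctx now owns cas */
    if (!load_crl(crl_text)) goto error;   /* ctx_free releases cas too */
    return ctx;
error:
    ctx_free(ctx);
    return NULL;
}

/* Models repeated SIGHUP reloads with broken CRL data; returns the number of
 * CA lists allocated during the reloads that were never freed. */
static long reload_leak(tls_ctx *(*init)(const char *, const char *), int reloads)
{
    long before = live_lists;
    for (int i = 0; i < reloads; i++)
        ctx_free(init(SAMPLE_CA, "not a CRL"));
    return live_lists - before;
}

/* Success path: number of client CA names installed, 0 if init failed. */
static size_t client_ca_count(tls_ctx *(*init)(const char *, const char *))
{
    tls_ctx *ctx = init(SAMPLE_CA, SAMPLE_CRL);
    size_t n = ctx ? ctx->client_ca->n : 0;
    ctx_free(ctx);
    return n;
}

int main(void)
{
    printf("lists leaked by 10 bad reloads, old order: %ld\n", reload_leak(init_leaky, 10));
    printf("lists leaked by 10 bad reloads, new order: %ld\n", reload_leak(init_fixed, 10));
    return 0;
}
```

The model keeps the real code's shape on purpose: both versions succeed identically on good input, and the only difference is whether the list has an owner at the moment the CRL step can fail. That is the check to make when reviewing any init path that allocates several OpenSSL objects before the last step that can fail: every object must already be owned by something the error label frees.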
