diff options
author | Christophe Fergeau <cfergeau@redhat.com> | 2015-10-23 11:43:22 +0200 |
---|---|---|
committer | Christophe Fergeau <cfergeau@redhat.com> | 2015-11-27 17:50:02 +0100 |
commit | 47122befcde4e40a8be0267af2bd77811b838c84 (patch) | |
tree | 52d0d18e94351201dacea7a6fc17ed19ff56d597 | |
parent | 9057e0aef335387458c5374c0e1b7a6c14bf5cef (diff) | |
download | spice-common-47122befcde4e40a8be0267af2bd77811b838c84.tar.gz spice-common-47122befcde4e40a8be0267af2bd77811b838c84.tar.xz spice-common-47122befcde4e40a8be0267af2bd77811b838c84.zip |
ssl-verify: Don't leak GInetAddress
GInetAddress is a GObject, so we must unref anything we create with
g_inet_address_new_*
-rw-r--r-- | common/ssl_verify.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/common/ssl_verify.c b/common/ssl_verify.c index 817cf7b..601252e 100644 --- a/common/ssl_verify.c +++ b/common/ssl_verify.c @@ -190,9 +190,7 @@ static int verify_hostname(X509* cert, const char *hostname) return 1; } } else if (name->type == GEN_IPADD) { - GInetAddress * alt_ip = NULL; GInetAddress * ip = NULL; - gchar * alt_ip_string = NULL; const guint8 * ip_binary = NULL; int alt_ip_len = 0; int ip_len = 0; @@ -211,15 +209,23 @@ static int verify_hostname(X509* cert, const char *hostname) if ((ip_len == alt_ip_len) && (memcmp(ASN1_STRING_data(name->d.iPAddress), ip_binary, ip_len)) == 0) { + GInetAddress * alt_ip = NULL; + gchar * alt_ip_string = NULL; + alt_ip = g_inet_address_new_from_bytes(ASN1_STRING_data(name->d.iPAddress), g_inet_address_get_family(ip)); alt_ip_string = g_inet_address_to_string(alt_ip); spice_debug("alt name IP match=%s", alt_ip_string); g_free(alt_ip_string); + g_object_unref(alt_ip); + g_object_unref(ip); GENERAL_NAMES_free(subject_alt_names); return 1; } + if (ip != NULL) { + g_object_unref(ip); + } } } GENERAL_NAMES_free(subject_alt_names); |