Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / d544d33e10868963407212660466aa552d5888e6
commitd544d33e10868963407212660466aa552d5888e6[log] [tgz]
authorRemi Tricot-Le Breton <rlebreton@haproxy.com>Fri Feb 04 14:24:15 2022 +0100
committerWilliam Lallemand <wlallemand@haproxy.org>Tue Feb 15 20:08:20 2022 +0100
tree7b0659f5bbf58c99903f41d5dc54a4884ac950d7
parent2b5a6559460b41dd6db2740cc961b461cef12edc [diff]
BUG/MINOR: jwt: Memory leak if same key is used in multiple jwt_verify calls

If the same filename was specified in multiple calls of the jwt_verify
converter, we would have parsed the contents of the file every time it
was used instead of checking if the entry already existed in the tree.
This lead to memory leaks because we would not insert the duplicated
entry and we would not free it (as well as the EVP_PKEY it referenced).
We now check the return value of ebst_insert and free the current entry
if it is a duplicate of an existing entry.
The order in which the tree insert and the pkey parsing happen was also
switched in order to avoid parsing key files in case of duplicates.

Should be backported to 2.5.
1 file changed
tree: 7b0659f5bbf58c99903f41d5dc54a4884ac950d7
  1. .github/
  2. addons/
  3. admin/
  4. dev/
  5. doc/
  6. examples/
  7. include/
  8. reg-tests/
  9. scripts/
  10. src/
  11. tests/
  12. .cirrus.yml
  13. .gitattributes
  14. .gitignore
  15. .mailmap
  16. .travis.yml
  17. BRANCHES
  18. CHANGELOG
  19. CONTRIBUTING
  20. INSTALL
  21. LICENSE
  22. MAINTAINERS
  23. Makefile
  24. README
  25. ROADMAP
  26. SUBVERS
  27. VERDATE
  28. VERSION