BUG/MINOR: ssl_sock: Fix memory leak when disabling compression
according to manpage:
sk_TYPE_zero() sets the number of elements in sk to zero. It
does not free sk so after this call sk is still valid.
so we need to free all elements
[wt: seems like it has been there forever and should be backported
to all stable branches]
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 651afa3..4a0ad76 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -9702,6 +9702,7 @@
static void __ssl_sock_init(void)
{
STACK_OF(SSL_COMP)* cm;
+ int n;
if (global_ssl.listen_default_ciphers)
global_ssl.listen_default_ciphers = strdup(global_ssl.listen_default_ciphers);
@@ -9719,7 +9720,11 @@
SSL_library_init();
#endif
cm = SSL_COMP_get_compression_methods();
- sk_SSL_COMP_zero(cm);
+ n = sk_SSL_COMP_num(cm);
+ while (n--) {
+ (void) sk_SSL_COMP_pop(cm);
+ }
+
#if defined(USE_THREAD) && (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
ssl_locking_init();
#endif