git: 9front

Download patch

ref: 2e0544147d7a14364fa1ff0bfd56463d15f5f9ba
parent: d8a7c1fae1c0b4456aabd132d8020ed29774428a
author: cinap_lenrek <cinap_lenrek@gmx.de>
date: Wed Nov 28 03:51:50 EST 2012 

upas/fs: fix tlsClient() memory leaks


--- a/sys/src/cmd/upas/fs/imap4.c
+++ b/sys/src/cmd/upas/fs/imap4.c
@@ -399,7 +399,6 @@
 	int sfd;
 	uchar digest[SHA1dlen];
 
-	fmtinstall('H', encodefmt);
 	memset(connp, 0, sizeof *connp);
 	sfd = tlsClient(imap->fd, connp);
 	if(sfd < 0) {
@@ -414,6 +413,7 @@
 	sha1(connp->cert, connp->certlen, digest, nil);
 	if(!imap->thumb || !okThumbprint(digest, imap->thumb)){
 		close(sfd);
+		fmtinstall('H', encodefmt);
 		werrstr("server certificate %.*H not recognized",
 			SHA1dlen, digest);
 		return -1;
@@ -451,10 +451,10 @@
 
 	if(imap->mustssl){
 		sfd = starttls(imap, &conn);
-		if (sfd < 0) {
-			free(conn.cert);
+		free(conn.cert);
+		free(conn.sessionID);
+		if(sfd < 0)
 			return imaperrstr(imap->host, port);
-		}
 		if(imap->debug){
 			char fn[128];
 			int fd;
@@ -463,9 +463,11 @@
 			fd = open(fn, ORDWR);
 			if(fd < 0)
 				fprint(2, "opening ctl: %r\n");
-			if(fprint(fd, "debug") < 0)
-				fprint(2, "writing ctl: %r\n");
-			close(fd);
+			else {
+				if(fprint(fd, "debug") < 0)
+					fprint(2, "writing ctl: %r\n");
+				close(fd);
+			}
 		}
 	}
 	Binit(&imap->bin, imap->fd, OREAD);
--- a/sys/src/cmd/upas/fs/pop3.c
+++ b/sys/src/cmd/upas/fs/pop3.c
@@ -119,31 +119,39 @@
 	int fd;
 	uchar digest[SHA1dlen];
 	TLSconn conn;
+	char *err;
 
+	err = nil;
 	memset(&conn, 0, sizeof conn);
 	// conn.trace = pop3log;
 	fd = tlsClient(pop->fd, &conn);
-	if(fd < 0)
-		return "tls error";
+	if(fd < 0){
+		err = "tls error";
+		goto out;
+	}
 	if(conn.cert==nil || conn.certlen <= 0){
-		close(fd);
-		return "server did not provide TLS certificate";
+		err = "server did not provide TLS certificate";
+		goto out;
 	}
 	sha1(conn.cert, conn.certlen, digest, nil);
 	if(!pop->thumb || !okThumbprint(digest, pop->thumb)){
 		fmtinstall('H', encodefmt);
-		close(fd);
-		free(conn.cert);
 		fprint(2, "upas/fs pop3: server certificate %.*H not recognized\n", SHA1dlen, digest);
-		return "bad server certificate";
+		err = "bad server certificate";
+		goto out;
 	}
-	free(conn.cert);
 	close(pop->fd);
 	pop->fd = fd;
 	pop->encrypted = 1;
 	Binit(&pop->bin, pop->fd, OREAD);
 	Binit(&pop->bout, pop->fd, OWRITE);
-	return nil;
+	fd = -1;
+out:
+	free(conn.sessionID);
+	free(conn.cert);
+	if(fd >= 0)
+		close(fd);
+	return err;
 }
 
 //
--