From ad6c19066d931c66612531d83b15dfd2464e2a29 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Sat, 20 Mar 2021 12:47:21 -0400 Subject: [PATCH] Fix memory leak when rejecting bogus DH parameters. While back-patching e0e569e1d, I noted that there were some other places where we ought to be applying DH_free(); namely, where we load some DH parameters from a file and then reject them as not being sufficiently secure. While it seems really unlikely that anybody would hit these code paths in production, let alone do so repeatedly, let's fix it for consistency. Back-patch to v10 where this code was introduced. Discussion: https://postgr.es/m/16160-18367e56e9a28264@postgresql.org --- src/backend/libpq/be-secure-openssl.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c index 7495a970fa4..f0186d546a1 100644 --- a/src/backend/libpq/be-secure-openssl.c +++ b/src/backend/libpq/be-secure-openssl.c @@ -935,6 +935,7 @@ load_dh_file(char *filename, bool isServerStart) (errcode(ERRCODE_CONFIG_FILE_ERROR), errmsg("invalid DH parameters: %s", SSLerrmessage(ERR_get_error())))); + DH_free(dh); return NULL; } if (codes & DH_CHECK_P_NOT_PRIME) @@ -942,6 +943,7 @@ load_dh_file(char *filename, bool isServerStart) ereport(isServerStart ? FATAL : LOG, (errcode(ERRCODE_CONFIG_FILE_ERROR), errmsg("invalid DH parameters: p is not prime"))); + DH_free(dh); return NULL; } if ((codes & DH_NOT_SUITABLE_GENERATOR) && @@ -950,6 +952,7 @@ load_dh_file(char *filename, bool isServerStart) ereport(isServerStart ? FATAL : LOG, (errcode(ERRCODE_CONFIG_FILE_ERROR), errmsg("invalid DH parameters: neither suitable generator or safe prime"))); + DH_free(dh); return NULL; } -- 2.39.5