From fe43346dc3151e80dae0acd751f0a94314dcb91c Mon Sep 17 00:00:00 2001 From: Maxim Dounin Date: Sun, 3 Mar 2019 16:48:39 +0300 Subject: SSL: fixed potential leak on memory allocation errors. If ngx_pool_cleanup_add() fails, we have to clean just created SSL context manually, thus appropriate call added. Additionally, ngx_pool_cleanup_add() moved closer to ngx_ssl_create() in the ngx_http_ssl_module, to make sure there are no leaks due to intermediate code. --- src/http/modules/ngx_http_proxy_module.c | 1 + 1 file changed, 1 insertion(+) (limited to 'src/http/modules/ngx_http_proxy_module.c') diff --git a/src/http/modules/ngx_http_proxy_module.c b/src/http/modules/ngx_http_proxy_module.c index d6a892217..3aafb9996 100644 --- a/src/http/modules/ngx_http_proxy_module.c +++ b/src/http/modules/ngx_http_proxy_module.c @@ -4270,6 +4270,7 @@ ngx_http_proxy_set_ssl(ngx_conf_t *cf, ngx_http_proxy_loc_conf_t *plcf) cln = ngx_pool_cleanup_add(cf->pool, 0); if (cln == NULL) { + ngx_ssl_cleanup_ctx(plcf->upstream.ssl); return NGX_ERROR; } -- cgit