From fe43346dc3151e80dae0acd751f0a94314dcb91c Mon Sep 17 00:00:00 2001 From: Maxim Dounin Date: Sun, 3 Mar 2019 16:48:39 +0300 Subject: SSL: fixed potential leak on memory allocation errors. If ngx_pool_cleanup_add() fails, we have to clean just created SSL context manually, thus appropriate call added. Additionally, ngx_pool_cleanup_add() moved closer to ngx_ssl_create() in the ngx_http_ssl_module, to make sure there are no leaks due to intermediate code. --- src/stream/ngx_stream_proxy_module.c | 1 + 1 file changed, 1 insertion(+) (limited to 'src/stream/ngx_stream_proxy_module.c') diff --git a/src/stream/ngx_stream_proxy_module.c b/src/stream/ngx_stream_proxy_module.c index d7bdec270..127c8a4a4 100644 --- a/src/stream/ngx_stream_proxy_module.c +++ b/src/stream/ngx_stream_proxy_module.c @@ -2096,6 +2096,7 @@ ngx_stream_proxy_set_ssl(ngx_conf_t *cf, ngx_stream_proxy_srv_conf_t *pscf) cln = ngx_pool_cleanup_add(cf->pool, 0); if (cln == NULL) { + ngx_ssl_cleanup_ctx(pscf->ssl); return NGX_ERROR; } -- cgit