CHANGES · 552c3de3575c719161998d541b3750b2ce12674c · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP curl · GitLab

Find file Blame History Permalink

- Johan van Selst found and fixed a OpenSSL session ref count leak: · 552c3de3

Daniel Stenberg authored Jan 08, 2010

  ossl_connect_step3() increments an SSL session handle reference counter on
  each call. When sessions are re-used this reference counter may be
  incremented many times, but it will be decremented only once when done (by
  Curl_ossl_session_free()); and the internal OpenSSL data will not be freed
  if this reference count remains positive. When a session is re-used the
  reference counter should be corrected by explicitly calling
  SSL_SESSION_free() after each consecutive SSL_get1_session() to avoid
  introducing a memory leak.

  (http://curl.haxx.se/bug/view.cgi?id=2926284)

552c3de3

To find the state of this project's repository at the time of any of these versions, check out the tags.