dovecot-2.0: login proxy: Previous memory leak fix caused Doveco...

[dovecot at dovecot.org]

details:   http://hg.dovecot.org/dovecot-2.0/rev/2440e656ed9f
changeset: 13103:2440e656ed9f
user:      Timo Sirainen <tss at iki.fi>
date:      Sun Jun 24 01:03:52 2012 +0300
description:
login proxy: Previous memory leak fix caused Dovecot to access freed memory.

diffstat:

 src/login-common/ssl-proxy-openssl.c |  10 ++++++----
 1 files changed, 6 insertions(+), 4 deletions(-)

diffs (31 lines):

diff -r 7720fb368e40 -r 2440e656ed9f src/login-common/ssl-proxy-openssl.c
--- a/src/login-common/ssl-proxy-openssl.c	Wed Jun 20 02:21:54 2012 +0300
+++ b/src/login-common/ssl-proxy-openssl.c	Sun Jun 24 01:03:52 2012 +0300
@@ -715,6 +715,7 @@
 	const char *dnsname;
 	bool dns_names = FALSE;
 	unsigned int i, count;
+	int ret;
 
 	cert = SSL_get_peer_certificate(ssl);
 	i_assert(cert != NULL);
@@ -732,14 +733,15 @@
 		}
 	}
 	sk_GENERAL_NAME_pop_free(gnames, GENERAL_NAME_free);
-	X509_free(cert);
 
 	/* verify against CommonName only when there wasn't any DNS
 	   SubjectAltNames */
 	if (dns_names)
-		return i < count ? 0 : -1;
-
-	return strcmp(get_cname(cert), verify_name) == 0 ? 0 : -1;
+		ret = i < count ? 0 : -1;
+	else
+		ret = strcmp(get_cname(cert), verify_name) == 0 ? 0 : -1;
+	X509_free(cert);
+	return ret;
 }
 
 int ssl_proxy_cert_match_name(struct ssl_proxy *proxy, const char *verify_name)