moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2025-03-11 15:50:48 -04:00
Code Issues Releases Wiki Activity

darwinssl: fix CFArrayRef leak

Browse Source 
Reviewed-by: Nick Zitzmann
Closes #1173
This commit is contained in:
Chris Araman 2016-12-22 18:50:31 -08:00 committed by Daniel Stenberg
parent 8db3afe16c
commit e53f0736c4
1 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
lib/vtls/darwinssl.c
View File

@ -885,12 +885,13 @@ static OSStatus CopyIdentityWithLabel(char *label,
SecIdentityRef *out_cert_and_key) SecIdentityRef *out_cert_and_key)
{ {
OSStatus status = errSecItemNotFound; OSStatus status = errSecItemNotFound;
#if CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS
CFArrayRef keys_list; CFArrayRef keys_list;
CFIndex keys_list_count; CFIndex keys_list_count;
CFIndex i; CFIndex i;
CFStringRef common_name; CFStringRef common_name;
#if CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS
/* SecItemCopyMatching() was introduced in iOS and Snow Leopard. /* SecItemCopyMatching() was introduced in iOS and Snow Leopard.
kSecClassIdentity was introduced in Lion. If both exist, let's use them kSecClassIdentity was introduced in Lion. If both exist, let's use them
to find the certificate. */ to find the certificate. */
@ -929,32 +930,35 @@ static OSStatus CopyIdentityWithLabel(char *label,
if(status == noErr) { if(status == noErr) {
keys_list_count = CFArrayGetCount(keys_list); keys_list_count = CFArrayGetCount(keys_list);
*out_cert_and_key = NULL; *out_cert_and_key = NULL;
status = 1;
for(i=0; i<keys_list_count; i++) { for(i=0; i<keys_list_count; i++) {
OSStatus err = noErr; OSStatus err = noErr;
SecCertificateRef cert = NULL; SecCertificateRef cert = NULL;
*out_cert_and_key = SecIdentityRef identity =
(SecIdentityRef) CFArrayGetValueAtIndex(keys_list, i); (SecIdentityRef) CFArrayGetValueAtIndex(keys_list, i);
err = SecIdentityCopyCertificate(*out_cert_and_key, &cert); err = SecIdentityCopyCertificate(identity, &cert);
if(err == noErr) { if(err == noErr) {
#if CURL_BUILD_IOS #if CURL_BUILD_IOS
common_name = SecCertificateCopySubjectSummary(cert); common_name = SecCertificateCopySubjectSummary(cert);
#else // CURL_BUILD_MAC_10_7 #elif CURL_BUILD_MAC_10_7
SecCertificateCopyCommonName(cert, &common_name); SecCertificateCopyCommonName(cert, &common_name);
#endif #endif
if(CFStringCompare(common_name, label_cf, 0) == kCFCompareEqualTo) { if(CFStringCompare(common_name, label_cf, 0) == kCFCompareEqualTo) {
CFRelease(cert); CFRelease(cert);
CFRelease(common_name); CFRelease(common_name);
CFRetain(identity);
*out_cert_and_key = identity;
status = noErr; status = noErr;
break; break;
} }
CFRelease(common_name); CFRelease(common_name);
} }
*out_cert_and_key = NULL;
status = 1;
CFRelease(cert); CFRelease(cert);
} }
} }
if(keys_list)
CFRelease(keys_list);
CFRelease(query_dict); CFRelease(query_dict);
CFRelease(label_cf); CFRelease(label_cf);
} }