crypto: fix memory leak if certificate is revoked

The additional validity checks applied to StartCom and WoSign certificates failed to free memory before returning. Refs: https://github.com/nodejs/node/pull/9469 Fixes: https://github.com/nodejs/node/issues/12033 PR-URL: https://github.com/nodejs/node/pull/12089 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Fedor Indutny <fedor@indutny.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Myles Borins <myles.borins@gmail.com> Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
8 years ago · a64aa442c1
1 changed files with 6 additions and 2 deletions
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@ -2760,7 +2760,9 @@ inline bool CertIsStartComOrWoSign(X509_NAME* name) {
    startcom_wosign_data = dn.data;
    startcom_wosign_name = d2i_X509_NAME(nullptr, &startcom_wosign_data,
                                         dn.len);
-    if (X509_NAME_cmp(name, startcom_wosign_name) == 0)
+    int cmp = X509_NAME_cmp(name, startcom_wosign_name);
+    X509_NAME_free(startcom_wosign_name);
+    if (cmp == 0)
      return true;
  }

@ -2805,8 +2807,10 @@ inline CheckResult CheckWhitelistedServerCert(X509_STORE_CTX* ctx) {
  }

  X509* leaf_cert = sk_X509_value(chain, 0);
-  if (!CheckStartComOrWoSign(root_name, leaf_cert))
+  if (!CheckStartComOrWoSign(root_name, leaf_cert)) {
+    sk_X509_pop_free(chain, X509_free);
    return CHECK_CERT_REVOKED;
+  }

  // When the cert is issued from either CNNNIC ROOT CA or CNNNIC EV
  // ROOT CA, check a hash of its leaf cert if it is in the whitelist.