TSG-3479 TFE 证书校验判断是否是CT证书的处理流程中存在内存泄露

author: luwenpeng <[email protected]> 2020-10-10 11:03:23 +0800
committer: luwenpeng <[email protected]> 2020-10-10 11:03:23 +0800
commit: 24db7db86d121b93959c6764bc138bcb503b6b4e (patch)
tree: ba616927e791a3b7ee5de48a1fb5de1d6a0fccbd
parent: 3e8566af927352882e5dc0f9b211547a59f8a70b (diff)
1 files changed, 6 insertions, 6 deletions
diff --git a/platform/src/ssl_trusted_cert_storage.cpp b/platform/src/ssl_trusted_cert_storage.cpp
index 051ec8d..f01fd9f 100644
--- a/platform/src/ssl_trusted_cert_storage.cpp
+++ b/platform/src/ssl_trusted_cert_storage.cpp
@@ -434,16 +434,16 @@ int ssl_trusted_cert_storage_verify_conn(struct ssl_trusted_cert_storage* storag
 	}
 	free(oid);
 	oid=NULL;
-
-	ASN1_OCTET_STRING *sct=NULL;	
+	
 	int crit = 0;
-	sct = (ASN1_OCTET_STRING*)X509_get_ext_d2i(cert, NID_ct_precert_scts, &crit, NULL);
-	if(sct)
+    STACK_OF(SCT) *sct = (STACK_OF(SCT) *)X509_get_ext_d2i(cert, NID_ct_precert_scts, &crit, NULL);
+    if(sct)
 	{
 		result->is_ct=1;
 	}
-	ASN1_STRING_free(sct);
-	X509_STORE_CTX * ctx = X509_STORE_CTX_new();
+    SCT_LIST_free(sct);
+
+    X509_STORE_CTX * ctx = X509_STORE_CTX_new();
 	pthread_rwlock_rdlock(&(storage->rwlock));
 	ret = X509_STORE_CTX_init(ctx, storage->effective_store, cert, cert_chain);
 	assert(ret == 1);
author	luwenpeng <[email protected]>	2020-10-10 11:03:23 +0800
committer	luwenpeng <[email protected]>	2020-10-10 11:03:23 +0800
commit	24db7db86d121b93959c6764bc138bcb503b6b4e (patch)
tree	ba616927e791a3b7ee5de48a1fb5de1d6a0fccbd
parent	3e8566af927352882e5dc0f9b211547a59f8a70b (diff)