author: Tom Lane <tgl@sss.pgh.pa.us> 2021-03-16 16:02:49 -0400
committer: Tom Lane <tgl@sss.pgh.pa.us> 2021-03-16 16:02:49 -0400
commit: 4d072bf2a031f343ef796dac6d324d9a03121183 (patch)
tree: 96393b9d2685f81ca8585951a65c88ec38a623df /doc/src
parent: 6ed05993310703f2f216142dada48bc1f10868fb (diff)

Avoid corner-case memory leak in SSL parameter processing.

After reading the root cert list from the ssl_ca_file, immediately install it as client CA list of the new SSL context. That gives the SSL context ownership of the list, so that SSL_CTX_free will free it. This avoids a permanent memory leak if we fail further down in be_tls_init(), which could happen if bogus CRL data is offered.

The leak could only amount to something if the CRL parameters get broken after server start (else we'd just quit) and then the server is SIGHUP'd many times without fixing the CRL data. That's rather unlikely perhaps, but it seems worth fixing, if only because the code is clearer this way.

While we're here, add some comments about the memory management aspects of this logic.

Noted by Jelte Fennema and independently by Andres Freund. Back-patch to v10; before commit de41869b6 it doesn't matter, since we'd not re-execute this code during SIGHUP.

Discussion: https://postgr.es/m/16160-18367e56e9a28264@postgresql.org

Diffstat (limited to 'doc/src')
0 files changed, 0 insertions, 0 deletions