Changeset 6091 for pjproject/trunk/pjlib/src/pj/ssl_sock_imp_common.c

Timestamp:

Oct 11, 2019 2:26:12 PM (5 years ago)

Author:

riza

Message:

Fix #2244: Prevent continuous memory allocation when getting raw certificate on TLS.

File:

• pjproject/trunk/pjlib/src/pj/ssl_sock_imp_common.c (modified) (3 diffs)

pjproject/trunk/pjlib/src/pj/ssl_sock_imp_common.c

@@ -620 +620 @@
 
     /* Secure release pool, i.e: all memory blocks will be zeroed first */
+    pj_pool_secure_release(&ssock->info_pool);
     pj_pool_secure_release(&ssock->pool);
 }
@@ -1267 +1268 @@
     pj_ssl_sock_t *ssock;
     pj_status_t status;
+    pj_pool_t *info_pool;
 
     PJ_ASSERT_RETURN(pool && param && p_ssock, PJ_EINVAL);
     PJ_ASSERT_RETURN(param->sock_type == pj_SOCK_STREAM(), PJ_ENOTSUP);
 
+    info_pool = pj_pool_create(pool->factory, "ssl_chain%p", 512, 512, NULL);
     pool = pj_pool_create(pool->factory, "ssl%p", 512, 512, NULL);
 
@@ -1276 +1279 @@
     ssock = ssl_alloc(pool);
     ssock->pool = pool;
+    ssock->info_pool = info_pool;
     ssock->sock = PJ_INVALID_SOCKET;
     ssock->ssl_state = SSL_STATE_NULL;