Fix memory leak when initializing DH parameters in backend

When loading DH parameters used for the generation of ephemeral DH keys in the backend, the code has never bothered releasing the memory used for the DH information loaded from a file or from libpq's default. This commit makes sure that the information is properly free()'d. Note that as SSL parameters can be reloaded, this can cause an accumulation of memory leaked. As the leak is minor, no backpatch is done. Reported-by: Dmitry Uspenskiy Discussion: https://postgr.es/m/16160-18367e56e9a28264@postgresql.org
author: Michael Paquier 2019-12-14 09:17:31 +0000
committer: Michael Paquier 2019-12-14 09:17:31 +0000
commit: e0e569e1d192c3fed942257302f24b550cf982f4 (patch)
tree: ce866b412a99f0f394caf3176b7602d9c106ff5f
parent: 7c85be08a2d404ec2a1a6a3b089e7f08d62e5db8 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
index 629919cc6e1..5f0430ded75 100644
--- a/src/backend/libpq/be-secure-openssl.c
+++ b/src/backend/libpq/be-secure-openssl.c
@@ -1015,8 +1015,11 @@ initialize_dh(SSL_CTX *context, bool isServerStart)
 				(errcode(ERRCODE_CONFIG_FILE_ERROR),
 				 (errmsg("DH: could not set DH parameters: %s",
 						 SSLerrmessage(ERR_get_error())))));
+		DH_free(dh);
 		return false;
 	}
+
+	DH_free(dh);
 	return true;
 }
author	Michael Paquier	2019-12-14 09:17:31 +0000
committer	Michael Paquier	2019-12-14 09:17:31 +0000
commit	e0e569e1d192c3fed942257302f24b550cf982f4 (patch)
tree	ce866b412a99f0f394caf3176b7602d9c106ff5f
parent	7c85be08a2d404ec2a1a6a3b089e7f08d62e5db8 (diff)