diff options
author | Benjamin Peterson <benjamin@python.org> | 2015-11-12 06:14:08 (GMT) |
---|---|---|
committer | Benjamin Peterson <benjamin@python.org> | 2015-11-12 06:14:08 (GMT) |
commit | 86429bd1749e475145198b2d1498ef43b2597ab2 (patch) | |
tree | ff638d4c37dcbc897961f014f058b3390212b415 | |
parent | a99ab63d06f422efad1c6b4669b955172ef1f62a (diff) | |
parent | eda06c8f5e7d7ed5ff79c2c5296253f8f14b7f28 (diff) | |
download | cpython-86429bd1749e475145198b2d1498ef43b2597ab2.zip cpython-86429bd1749e475145198b2d1498ef43b2597ab2.tar.gz cpython-86429bd1749e475145198b2d1498ef43b2597ab2.tar.bz2 |
merge 3.5 (#25569)
-rw-r--r-- | Misc/NEWS | 2 | ||||
-rw-r--r-- | Modules/_ssl.c | 52 |
2 files changed, 26 insertions, 28 deletions
@@ -229,6 +229,8 @@ Library - Issue #24881: Fixed setting binary mode in Python implementation of FileIO on Windows and Cygwin. Patch from Akira Li. +- Issue #25569: Fix memory leak in SSLSocket.getpeercert(). + - Issue #25471: Sockets returned from accept() shouldn't appear to be nonblocking. diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 4f4379f..a918586 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -1067,25 +1067,23 @@ _get_aia_uri(X509 *certificate, int nid) { static PyObject * _get_crl_dp(X509 *certificate) { STACK_OF(DIST_POINT) *dps; - int i, j, result; - PyObject *lst; + int i, j; + PyObject *lst, *res = NULL; #if OPENSSL_VERSION_NUMBER < 0x10001000L - dps = X509_get_ext_d2i(certificate, NID_crl_distribution_points, - NULL, NULL); + dps = X509_get_ext_d2i(certificate, NID_crl_distribution_points, NULL, NULL); #else /* Calls x509v3_cache_extensions and sets up crldp */ X509_check_ca(certificate); dps = certificate->crldp; #endif - if (dps == NULL) { + if (dps == NULL) return Py_None; - } - if ((lst = PyList_New(0)) == NULL) { - return NULL; - } + lst = PyList_New(0); + if (lst == NULL) + goto done; for (i=0; i < sk_DIST_POINT_num(dps); i++) { DIST_POINT *dp; @@ -1098,6 +1096,7 @@ _get_crl_dp(X509 *certificate) { GENERAL_NAME *gn; ASN1_IA5STRING *uri; PyObject *ouri; + int err; gn = sk_GENERAL_NAME_value(gns, j); if (gn->type != GEN_URI) { @@ -1106,28 +1105,25 @@ _get_crl_dp(X509 *certificate) { uri = gn->d.uniformResourceIdentifier; ouri = PyUnicode_FromStringAndSize((char *)uri->data, uri->length); - if (ouri == NULL) { - Py_DECREF(lst); - return NULL; - } - result = PyList_Append(lst, ouri); + if (ouri == NULL) + goto done; + + err = PyList_Append(lst, ouri); Py_DECREF(ouri); - if (result < 0) { - Py_DECREF(lst); - return NULL; - } + if (err < 0) + goto done; } } - /* convert to tuple or None */ - if (PyList_Size(lst) == 0) { - Py_DECREF(lst); - return Py_None; - } else { - PyObject *tup; - tup = PyList_AsTuple(lst); - Py_DECREF(lst); - return tup; - } + + /* Convert to tuple. */ + res = (PyList_GET_SIZE(lst) > 0) ? PyList_AsTuple(lst) : Py_None; + + done: + Py_XDECREF(lst); +#if OPENSSL_VERSION_NUMBER < 0x10001000L + sk_DIST_POINT_free(dsp); +#endif + return res; } static PyObject * |