diff options
| author | Steve Dower <steve.dower@python.org> | 2019-09-09 13:48:22 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-09-09 13:48:22 (GMT) |
| commit | 5d695b6b7bcccf5f028cdacd986096de15bc0ca6 (patch) | |
| tree | 2f6d1cca58d355ad8b0f7c1ccdbd8220a0cb6d01 | |
| parent | 5e053eb98eb0d65a8e0f00b3641f9907198aace3 (diff) | |
| download | cpython-5d695b6b7bcccf5f028cdacd986096de15bc0ca6.zip cpython-5d695b6b7bcccf5f028cdacd986096de15bc0ca6.tar.gz cpython-5d695b6b7bcccf5f028cdacd986096de15bc0ca6.tar.bz2 | |
bpo-37702: Fix SSL's certificate-store leak on Windows (GH-15632)
ssl_collect_certificates function in _ssl.c has a memory leak.
Calling CertOpenStore() and CertAddStoreToCollection(), a store's refcnt gets incremented by 2.
But CertCloseStore() is called only once and the refcnt leaves 1.
| -rw-r--r-- | Misc/NEWS.d/next/Windows/2019-07-29-16-49-31.bpo-37702.Lj2f5e.rst | 2 | ||||
| -rw-r--r-- | Modules/_ssl.c | 1 |
2 files changed, 3 insertions, 0 deletions
diff --git a/Misc/NEWS.d/next/Windows/2019-07-29-16-49-31.bpo-37702.Lj2f5e.rst b/Misc/NEWS.d/next/Windows/2019-07-29-16-49-31.bpo-37702.Lj2f5e.rst new file mode 100644 index 0000000..67d53d4 --- /dev/null +++ b/Misc/NEWS.d/next/Windows/2019-07-29-16-49-31.bpo-37702.Lj2f5e.rst @@ -0,0 +1,2 @@ +Fix memory leak on Windows in creating an SSLContext object or +running urllib.request.urlopen('https://...').
\ No newline at end of file diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 089aa3b..6f91b48 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -5581,6 +5581,7 @@ ssl_collect_certificates(const char *store_name) if (result) { ++storesAdded; } + CertCloseStore(hSystemStore, 0); /* flag must be 0 */ } } if (storesAdded == 0) { |