summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Misc/NEWS3
-rw-r--r--Modules/_ssl.c7
2 files changed, 10 insertions, 0 deletions
diff --git a/Misc/NEWS b/Misc/NEWS
index 990f4d6..63434ba 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -68,6 +68,9 @@ Library
Extension Modules
-----------------
+- Issue #15977: Fix memory leak in Modules/_ssl.c when the function
+ _set_npn_protocols() is called multiple times, thanks to Daniel Sommermann.
+
Tests
-----
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index 456b1f1..ad22c52 100644
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -1713,6 +1713,9 @@ context_new(PyTypeObject *type, PyObject *args, PyObject *kwds)
return NULL;
}
self->ctx = ctx;
+#ifdef OPENSSL_NPN_NEGOTIATED
+ self->npn_protocols = NULL;
+#endif
/* Defaults */
SSL_CTX_set_verify(self->ctx, SSL_VERIFY_NONE, NULL);
SSL_CTX_set_options(self->ctx,
@@ -1812,6 +1815,10 @@ _set_npn_protocols(PySSLContext *self, PyObject *args)
if (!PyArg_ParseTuple(args, "y*:set_npn_protocols", &protos))
return NULL;
+ if (self->npn_protocols != NULL) {
+ PyMem_Free(self->npn_protocols);
+ }
+
self->npn_protocols = PyMem_Malloc(protos.len);
if (self->npn_protocols == NULL) {
PyBuffer_Release(&protos);