generic-library/poco
1
0
Fork 0
mirror of https://github.com/pocoproject/poco.git synced 2025-10-23 08:31:43 +02:00
Code Issues Projects Releases Wiki Activity

fixed GH #2380: Calling Poco::Net::X509Certificate::addChainCertificate() leads to double free.

Browse Source
This commit is contained in:
Günter Obiltschnig
2019-06-22 18:11:05 +02:00
parent ee5a7269c3
commit 27335031e1
2 changed files with 31 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
NetSSL_OpenSSL/src/Context.cpp
View File

@@ -198,9 +198,11 @@ void Context::useCertificate(const Poco::Crypto::X509Certificate& certificate)
void Context::addChainCertificate(const Poco::Crypto::X509Certificate& certificate)
{
int errCode = SSL_CTX_add_extra_chain_cert(_pSSLContext, certificate.certificate());
X509* pCert = certificate.dup();
int errCode = SSL_CTX_add_extra_chain_cert(_pSSLContext, pCert);
if (errCode != 1)
{
X509_free(pCert);
std::string msg = Utility::getLastError();
throw SSLContextException("Cannot add chain certificate to Context", msg);
}