You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I experienced two memory leaks when I am using the rabbitmq-c with encrypted connection. I am using libssl. I was able to fix the leaks that occured in hostname_matches_subject_alt_name and amqp_ssl_socket_verify_hostname in amqp_openssl.c.
I changed the methods to look like follows:
static int hostname_matches_subject_alt_name(const char *hostname, X509 *cert)
{
int found_any_entries = 0;
int found_match;
GENERAL_NAME *namePart = NULL;
STACK_OF(GENERAL_NAME) *san =
(STACK_OF(GENERAL_NAME)*) X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
while (sk_GENERAL_NAME_num(san) > 0)
{
namePart = sk_GENERAL_NAME_pop(san);
if (namePart->type == GEN_DNS) {
found_any_entries = 1;
found_match = match(namePart->d.uniformResourceIdentifier, hostname);
if (found_match)
return 1;
}
}
return (found_any_entries ? 0 : -1);
}
and
static int
amqp_ssl_socket_verify_hostname(void *base, const char *host)
{
struct amqp_ssl_socket_t *self = (struct amqp_ssl_socket_t *)base;
int status = 0;
X509 *cert=NULL;
int res;
cert = SSL_get_peer_certificate(self->ssl);
if (!cert) {
goto error;
}
res = hostname_matches_subject_alt_name(host, cert);
if (res != 1) {
res = hostname_matches_subject_common_name(host, cert);
if (!res)
goto error;
}
exit:
X509_free(cert);
return status;
error:
if(cert!=NULL)
X509_free(cert);
status = -1;
goto exit;
}
After I recompiled librabbitmq-c and rerun the application using valgrind the memory leaks were gone.
I experienced two memory leaks when I am using the rabbitmq-c with encrypted connection. I am using libssl. I was able to fix the leaks that occured in hostname_matches_subject_alt_name and amqp_ssl_socket_verify_hostname in amqp_openssl.c.
I changed the methods to look like follows:
and
After I recompiled librabbitmq-c and rerun the application using valgrind the memory leaks were gone.
kind regards
Volker Schreiner
AMAN Media GmbH
https://www.aman.de
The text was updated successfully, but these errors were encountered: