From 804005d2517e8772d432a4bd3048030decb66cf4 Mon Sep 17 00:00:00 2001
From: Torrey Searle <torrey@voxbone.com>
Date: Tue, 21 Jun 2016 13:52:20 +0200
Subject: res_rtp_asterisk: fix memory leak in dtls

ensure that cert bios get freed after creating the fingerprint

ASTERISK-26129 #close

Change-Id: I44d23aea07dce80176ca1ff877c5ace9452ef451
---
 res/res_rtp_asterisk.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'res')

diff --git a/res/res_rtp_asterisk.c b/res/res_rtp_asterisk.c
index 1bf16941d..119e45d87 100644
--- a/res/res_rtp_asterisk.c
+++ b/res/res_rtp_asterisk.c
@@ -1398,7 +1398,7 @@ static int ast_rtp_dtls_set_configuration(struct ast_rtp_instance *instance, con
 	if (!ast_strlen_zero(dtls_cfg->certfile)) {
 		char *private = ast_strlen_zero(dtls_cfg->pvtfile) ? dtls_cfg->certfile : dtls_cfg->pvtfile;
 		BIO *certbio;
-		X509 *cert;
+		X509 *cert = NULL;
 		const EVP_MD *type;
 		unsigned int size, i;
 		unsigned char fingerprint[EVP_MAX_MD_SIZE];
@@ -1440,6 +1440,9 @@ static int ast_rtp_dtls_set_configuration(struct ast_rtp_instance *instance, con
 			ast_log(LOG_ERROR, "Could not produce fingerprint from certificate '%s' for RTP instance '%p'\n",
 				dtls_cfg->certfile, instance);
 			BIO_free_all(certbio);
+			if (cert) {
+				X509_free(cert);
+			}
 			return -1;
 		}
 
@@ -1451,6 +1454,7 @@ static int ast_rtp_dtls_set_configuration(struct ast_rtp_instance *instance, con
 		*(local_fingerprint-1) = 0;
 
 		BIO_free_all(certbio);
+		X509_free(cert);
 	}
 
 	if (!ast_strlen_zero(dtls_cfg->cipher)) {
-- 
cgit v1.2.3