diff options
| -rw-r--r-- | Misc/NEWS | 2 | ||||
| -rw-r--r-- | Modules/_ssl.c | 7 |
2 files changed, 7 insertions, 2 deletions
@@ -245,6 +245,8 @@ Library - Issue #24881: Fixed setting binary mode in Python implementation of FileIO on Windows and Cygwin. Patch from Akira Li. +- Issue #25578: Fix (another) memory leak in SSLSocket.getpeercer(). + - Issue #25530: Disable the vulnerable SSLv3 protocol by default when creating ssl.SSLContext. diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 784040d651..67402fe0a4 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -1017,7 +1017,10 @@ _get_aia_uri(X509 *certificate, int nid) { AUTHORITY_INFO_ACCESS *info; info = X509_get_ext_d2i(certificate, NID_info_access, NULL, NULL); - if ((info == NULL) || (sk_ACCESS_DESCRIPTION_num(info) == 0)) { + if (info == NULL) + return Py_None; + if (sk_ACCESS_DESCRIPTION_num(info) == 0) { + AUTHORITY_INFO_ACCESS_free(info); return Py_None; } @@ -3967,7 +3970,7 @@ _ssl_get_default_verify_paths_impl(PyModuleDef *module) else if ((target = PyUnicode_DecodeFSDefault(tmp)) == NULL) { \ target = PyBytes_FromString(tmp); } \ if (!target) goto error; \ - } + } CONVERT(X509_get_default_cert_file_env(), ofile_env); CONVERT(X509_get_default_cert_file(), ofile); |