Fix memory leak when initializing DH parameters in backend

michaelpq · michaelpq · commit e0e569e1d192 · 2019-12-14T18:17:31.000+09:00
When loading DH parameters used for the generation of ephemeral DH keys in the backend, the code has never bothered releasing the memory used for the DH information loaded from a file or from libpq's default. This commit makes sure that the information is properly free()'d. Note that as SSL parameters can be reloaded, this can cause an accumulation of memory leaked. As the leak is minor, no backpatch is done. Reported-by: Dmitry Uspenskiy Discussion: https://postgr.es/m/16160-18367e56e9a28264@postgresql.org
diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
@@ -1015,8 +1015,11 @@ initialize_dh(SSL_CTX *context, bool isServerStart)
 				(errcode(ERRCODE_CONFIG_FILE_ERROR),
 				 (errmsg("DH: could not set DH parameters: %s",
 						 SSLerrmessage(ERR_get_error())))));
+		DH_free(dh);
 		return false;
 	}
+
+	DH_free(dh);
 	return true;
 }
 

Original file line number	Diff line number	Diff line change
`@@ -1015,8 +1015,11 @@ initialize_dh(SSL_CTX *context, bool isServerStart)`
`1015`	`1015`	`(errcode(ERRCODE_CONFIG_FILE_ERROR),`
`1016`	`1016`	`(errmsg("DH: could not set DH parameters: %s",`
`1017`	`1017`	`SSLerrmessage(ERR_get_error())))));`
	`1018`	`+ DH_free(dh);`
`1018`	`1019`	`return false;`
`1019`	`1020`	`}`
	`1021`	`+`
	`1022`	`+ DH_free(dh);`
`1020`	`1023`	`return true;`
`1021`	`1024`	`}`
`1022`	`1025`