You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by ja...@apache.org on 2021/12/24 13:49:35 UTC

svn commit: r1896361 - /httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c

Author: jailletc36
Date: Fri Dec 24 13:49:35 2021
New Revision: 1896361

URL: http://svn.apache.org/viewvc?rev=1896361&view=rev
Log:
Close a file handle in case of error in ct_static_scts()

PR 65760 <ryancaicse gmail.com>

Modified:
    httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c

Modified: httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c?rev=1896361&r1=1896360&r2=1896361&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c (original)
+++ httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c Fri Dec 24 13:49:35 2021
@@ -2967,6 +2967,7 @@ static const char *ct_static_scts(cmd_pa
     
     cert = PEM_read_X509(pemfile, NULL, NULL, NULL);
     if (!cert) {
+        fclose(pemfile);
         return apr_psprintf(p, "could not read certificate from file %s",
                             cert_fn);
     }

Re: svn commit: r1896361 - /httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c

Posted by Marion & Christophe JAILLET <ch...@wanadoo.fr>.

Le 07/01/2022 à 14:13, Ruediger Pluem a écrit :
>
> On 12/24/21 2:49 PM, jailletc36@apache.org wrote:
>> Author: jailletc36
>> Date: Fri Dec 24 13:49:35 2021
>> New Revision: 1896361
>>
>> URL: http://svn.apache.org/viewvc?rev=1896361&view=rev
>> Log:
>> Close a file handle in case of error in ct_static_scts()
>>
>> PR 65760 <ryancaicse gmail.com>
>>
>> Modified:
>>      httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c
>>
>> Modified: httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c
>> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c?rev=1896361&r1=1896360&r2=1896361&view=diff
>> ==============================================================================
>> --- httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c (original)
>> +++ httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c Fri Dec 24 13:49:35 2021
>> @@ -2967,6 +2967,7 @@ static const char *ct_static_scts(cmd_pa
>>       
>>       cert = PEM_read_X509(pemfile, NULL, NULL, NULL);
>>       if (!cert) {
>> +        fclose(pemfile);
> Couldn't we just move that before the if and remove the previously existing call?
>
> Regards
>
> Rüdiger

Hi,


if you mean something like:

https://github.com/tititiou36/httpd/commit/1348607c00ba58ce371f2f8ecb08abf610227043

Yes, this is just fine for me.


CJ

Re: svn commit: r1896361 - /httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c

Posted by Ruediger Pluem <rp...@apache.org>.


On 12/24/21 2:49 PM, jailletc36@apache.org wrote:
> Author: jailletc36
> Date: Fri Dec 24 13:49:35 2021
> New Revision: 1896361
> 
> URL: http://svn.apache.org/viewvc?rev=1896361&view=rev
> Log:
> Close a file handle in case of error in ct_static_scts()
> 
> PR 65760 <ryancaicse gmail.com>
> 
> Modified:
>     httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c
> 
> Modified: httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c?rev=1896361&r1=1896360&r2=1896361&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c (original)
> +++ httpd/httpd/trunk/modules/ssl/mod_ssl_ct.c Fri Dec 24 13:49:35 2021
> @@ -2967,6 +2967,7 @@ static const char *ct_static_scts(cmd_pa
>      
>      cert = PEM_read_X509(pemfile, NULL, NULL, NULL);
>      if (!cert) {
> +        fclose(pemfile);

Couldn't we just move that before the if and remove the previously existing call?

Regards

Rüdiger