[Asterisk-code-review] STIR/SHAKEN: OPENSSL_free serial hex from openssl. (asterisk[16])

Benjamin Keith Ford asteriskteam at digium.com
Tue May 11 14:38:56 CDT 2021 

Benjamin Keith Ford has submitted this change. ( https://gerrit.asterisk.org/c/asterisk/+/15872 )

Change subject: STIR/SHAKEN: OPENSSL_free serial hex from openssl.
......................................................................

STIR/SHAKEN: OPENSSL_free serial hex from openssl.

We're getting the serial number of the certificate from openssl and
freeing it with ast_free(), but it needs to be freed with OPENSSL_free()
instead. Now we duplicate the string and free the one from openssl with
OPENSSL_free(), which means we can still use ast_free() on the returned
string.

https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021

Change-Id: Ia6e1a4028c1933a0e1d204b769ebb9f5a11f00ab
---
M res/res_stir_shaken/stir_shaken.c
1 file changed, 9 insertions(+), 1 deletion(-)

Approvals:
  Joshua Colp: Looks good to me, but someone else must approve
  Kevin Harwell: Looks good to me, but someone else must approve
  Benjamin Keith Ford: Looks good to me, approved; Approved for Submit



diff --git a/res/res_stir_shaken/stir_shaken.c b/res/res_stir_shaken/stir_shaken.c
index b580773..6bc07ea 100644
--- a/res/res_stir_shaken/stir_shaken.c
+++ b/res/res_stir_shaken/stir_shaken.c
@@ -144,6 +144,7 @@
 	ASN1_INTEGER *serial;
 	BIGNUM *bignum;
 	char *serial_hex;
+	char *ret;
 
 	fp = fopen(path, "r");
 	if (!fp) {
@@ -188,5 +189,12 @@
 		return NULL;
 	}
 
-	return serial_hex;
+	ret = ast_strdup(serial_hex);
+	OPENSSL_free(serial_hex);
+	if (!ret) {
+		ast_log(LOG_ERROR, "Failed to dup serial from openssl for certificate %s\n", path);
+		return NULL;
+	}
+
+	return ret;
 }

-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/15872
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 16
Gerrit-Change-Id: Ia6e1a4028c1933a0e1d204b769ebb9f5a11f00ab
Gerrit-Change-Number: 15872
Gerrit-PatchSet: 2
Gerrit-Owner: Benjamin Keith Ford <bford at digium.com>
Gerrit-Reviewer: Benjamin Keith Ford <bford at digium.com>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: Joshua Colp <jcolp at sangoma.com>
Gerrit-Reviewer: Kevin Harwell <kharwell at digium.com>
Gerrit-MessageType: merged
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20210511/aaed0862/attachment-0001.html>

More information about the asterisk-code-review mailing list