This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 1.3.x in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
commit bdaef8e7792da4a8a31a092869e8ea50509705fa Author: Chenjp <[email protected]> AuthorDate: Mon Jan 26 11:03:38 2026 +0800 Centralize cleanup Avoid sslconf mem-leak with tcn_throw ex, which is unlikely to happen in real world. --- native/src/sslconf.c | 73 +++++++++++++++++++++------------------ xdocs/miscellaneous/changelog.xml | 4 +++ 2 files changed, 43 insertions(+), 34 deletions(-) diff --git a/native/src/sslconf.c b/native/src/sslconf.c index 68e15faf6..06a457cb7 100644 --- a/native/src/sslconf.c +++ b/native/src/sslconf.c @@ -155,16 +155,16 @@ TCN_IMPLEMENT_CALL(jint, SSLConf, check)(TCN_STDARGS, jlong cctx, TCN_ASSERT(c->cctx != 0); if (!J2S(cmd)) { tcn_Throw(e, "Can not check null SSL_CONF command"); - return SSL_THROW_RETURN; + rc = SSL_THROW_RETURN; + goto cleanup; } if (!strcmp(J2S(cmd), "NO_OCSP_CHECK")) { if (!strcasecmp(J2S(value), "false")) c->no_ocsp_check = 0; else c->no_ocsp_check = 1; - TCN_FREE_CSTRING(cmd); - TCN_FREE_CSTRING(value); - return 1; + rc = 1; + goto cleanup; } if (!strcmp(J2S(cmd), "OCSP_SOFT_FAIL")) { @@ -172,9 +172,8 @@ TCN_IMPLEMENT_CALL(jint, SSLConf, check)(TCN_STDARGS, jlong cctx, c->ocsp_soft_fail = 0; else c->ocsp_soft_fail = 1; - TCN_FREE_CSTRING(cmd); - TCN_FREE_CSTRING(value); - return 1; + rc = 1; + goto cleanup; } if (!strcmp(J2S(cmd), "OCSP_TIMEOUT")) { @@ -185,9 +184,8 @@ TCN_IMPLEMENT_CALL(jint, SSLConf, check)(TCN_STDARGS, jlong cctx, // Tomcat configures timeout is millisecond. APR uses microseconds. c->ocsp_timeout = i * 1000; } - TCN_FREE_CSTRING(cmd); - TCN_FREE_CSTRING(value); - return 1; + rc = 1; + goto cleanup; } if (!strcmp(J2S(cmd), "OCSP_VERIFY_FLAGS")) { @@ -197,9 +195,8 @@ TCN_IMPLEMENT_CALL(jint, SSLConf, check)(TCN_STDARGS, jlong cctx, if (!errno) { c->ocsp_verify_flags = i; } - TCN_FREE_CSTRING(cmd); - TCN_FREE_CSTRING(value); - return 1; + rc = 1; + goto cleanup; } SSL_ERR_clear(); 
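Review bot: Only `cmd` is null-checked before the OCSP branches, so `strcasecmp(J2S(value), "false")` in the `NO_OCSP_CHECK` branch dereferences NULL when the caller passes a null value; the `SSL_CONF_TYPE_FILE` path later in `check` tests `!J2S(value)`, so a null value is evidently possible. Rejecting it inside each OCSP branch fits the new single exit path: `if (!J2S(value)) { tcn_Throw(e, "SSL_CONF command '%s' needs a value", J2S(cmd)); rc = SSL_THROW_RETURN; goto cleanup; }`. The same unguarded comparison is visible in `apply` (hunk at -303), and the other OCSP branches appear to read `value` the same way outside the visible lines. Separately, any value other than "false" sets `no_ocsp_check = 1`, so a typo in the configuration turns revocation checking off; accepting only "true"/"false" and throwing otherwise would fail closed. The body of `check` starts and ends outside this hunk.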
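Review bot: When `errno` is set the parsed number is dropped, yet the `OCSP_VERIFY_FLAGS` branch still sets `rc = 1`, so `check` reports an unusable value as valid and the context silently keeps its previous flags. An `else` arm would surface the misconfiguration: `else { tcn_Throw(e, "Invalid value '%s' for SSL_CONF command '%s'", J2S(value), J2S(cmd)); rc = SSL_THROW_RETURN; goto cleanup; }`. The conversion call is outside the hunk; if it is `strtol`-style, `errno` alone will not catch non-numeric text and an end-pointer check is needed as well. The `OCSP_TIMEOUT` branch in the preceding hunk and both numeric branches in `apply` (hunks at -324 and -335) look the same.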
@@ -209,35 +206,42 @@ TCN_IMPLEMENT_CALL(jint, SSLConf, check)(TCN_STDARGS, jlong cctx, char err[TCN_OPENSSL_ERROR_STRING_LENGTH]; ERR_error_string_n(ec, err, TCN_OPENSSL_ERROR_STRING_LENGTH); tcn_Throw(e, "Could not determine SSL_CONF command type for '%s' (%s)", J2S(cmd), err); - return 0; + rc = 0; + goto cleanup; } if (value_type == SSL_CONF_TYPE_UNKNOWN) { tcn_Throw(e, "Invalid SSL_CONF command '%s', type unknown", J2S(cmd)); - return SSL_THROW_RETURN; + rc = SSL_THROW_RETURN; + goto cleanup; } if (value_type == SSL_CONF_TYPE_FILE) { if (!J2S(value)) { tcn_Throw(e, "SSL_CONF command '%s' needs a non-empty file argument", J2S(cmd)); - return SSL_THROW_RETURN; + rc = SSL_THROW_RETURN; + goto cleanup; } if (check_file(c->pool, J2S(value))) { tcn_Throw(e, "SSL_CONF command '%s' file '%s' does not exist or is empty", J2S(cmd), J2S(value)); - return SSL_THROW_RETURN; + rc = SSL_THROW_RETURN; + goto cleanup; } } else if (value_type == SSL_CONF_TYPE_DIR) { if (!J2S(value)) { tcn_Throw(e, "SSL_CONF command '%s' needs a non-empty directory argument", J2S(cmd)); - return SSL_THROW_RETURN; + rc = SSL_THROW_RETURN; + goto cleanup; } if (check_dir(c->pool, J2S(value))) { tcn_Throw(e, "SSL_CONF command '%s' directory '%s' does not exist", J2S(cmd), J2S(value)); - return SSL_THROW_RETURN; + rc = SSL_THROW_RETURN; + goto cleanup; } } +cleanup: TCN_FREE_CSTRING(cmd); TCN_FREE_CSTRING(value); return rc; @@ -279,7 +283,8 @@ TCN_IMPLEMENT_CALL(jint, SSLConf, apply)(TCN_STDARGS, jlong cctx, TCN_ASSERT(c->cctx != 0); if (!J2S(cmd)) { tcn_Throw(e, "Can not apply null SSL_CONF command"); - return SSL_THROW_RETURN; + rc = SSL_THROW_RETURN; + goto cleanup; } #ifndef HAVE_EXPORT_CIPHERS if (!strcmp(J2S(cmd), "CipherString")) { 
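Review bot: The "Could not determine SSL_CONF command type" path throws and then sets `rc = 0`, while every other throwing path in this hunk sets `rc = SSL_THROW_RETURN`; now that all exits share one label the odd one out is easy to align with `rc = SSL_THROW_RETURN;`. If the 0 is deliberate, a short comment next to it stating the reason would stop a later reader from "fixing" it. A one-line comment above the label, such as `/* Single exit: cmd and value are released on every path, including after tcn_Throw. */`, would also record the invariant this commit establishes. The body of `check` begins outside the hunk.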
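Review bot: The `goto cleanup` added at the null-command check in `apply` reaches `free(buf)` before any visible assignment to `buf`, so the new exit path is only safe if `buf` is initialised where it is declared, which is outside this hunk. Please confirm the declaration reads `char *buf = NULL;` and that `rc` is declared ahead of this first jump. The body of `apply` starts and ends outside the hunk.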
@@ -291,7 +296,8 @@ TCN_IMPLEMENT_CALL(jint, SSLConf, apply)(TCN_STDARGS, jlong cctx, buf = malloc(len * sizeof(char)); if (buf == NULL) { tcn_Throw(e, "Could not allocate memory to adjust cipher string"); - return SSL_THROW_RETURN; + rc = SSL_THROW_RETURN; + goto cleanup; } memcpy(buf, SSL_CIPHERS_ALWAYS_DISABLED, strlen(SSL_CIPHERS_ALWAYS_DISABLED)); memcpy(buf + strlen(SSL_CIPHERS_ALWAYS_DISABLED), J2S(value), strlen(J2S(value))); @@ -303,18 +309,16 @@ TCN_IMPLEMENT_CALL(jint, SSLConf, apply)(TCN_STDARGS, jlong cctx, c->no_ocsp_check = 0; else c->no_ocsp_check = 1; - TCN_FREE_CSTRING(cmd); - TCN_FREE_CSTRING(value); - return 1; + rc = 1; + goto cleanup; } if (!strcmp(J2S(cmd), "OCSP_SOFT_FAIL")) { if (!strcasecmp(J2S(value), "false")) c->ocsp_soft_fail = 0; else c->ocsp_soft_fail = 1; - TCN_FREE_CSTRING(cmd); - TCN_FREE_CSTRING(value); - return 1; + rc = 1; + goto cleanup; } if (!strcmp(J2S(cmd), "OCSP_TIMEOUT")) { int i; @@ -324,9 +328,8 @@ TCN_IMPLEMENT_CALL(jint, SSLConf, apply)(TCN_STDARGS, jlong cctx, // Tomcat configures timeout is millisecond. APR uses microseconds. c->ocsp_timeout = i * 1000; } - TCN_FREE_CSTRING(cmd); - TCN_FREE_CSTRING(value); - return 1; + rc = 1; + goto cleanup; } if (!strcmp(J2S(cmd), "OCSP_VERIFY_FLAGS")) { int i; @@ -335,9 +338,8 @@ TCN_IMPLEMENT_CALL(jint, SSLConf, apply)(TCN_STDARGS, jlong cctx, if (!errno) { c->ocsp_verify_flags = i; } - TCN_FREE_CSTRING(cmd); - TCN_FREE_CSTRING(value); - return 1; + rc = 1; + goto cleanup; } SSL_ERR_clear(); rc = SSL_CONF_cmd(c->cctx, J2S(cmd), buf != NULL ? buf : J2S(value)); @@ -350,8 +352,11 @@ TCN_IMPLEMENT_CALL(jint, SSLConf, apply)(TCN_STDARGS, jlong cctx, } else { tcn_Throw(e, "Could not apply SSL_CONF command '%s' with value '%s'", J2S(cmd), buf != NULL ? buf : J2S(value)); } - return SSL_THROW_RETURN; + rc = SSL_THROW_RETURN; + goto cleanup; } + +cleanup: #ifndef HAVE_EXPORT_CIPHERS if (buf != NULL) { free(buf); 
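Review bot: The cipher string is assembled with two `memcpy` calls whose sizes come from fresh `strlen` calls, while the allocation size `len` is computed outside this hunk, so nothing in the visible lines ties the bytes written to the bytes allocated, and the terminator is presumably written after the hunk ends. A single bounded call keeps size, copy and termination together: `snprintf(buf, len, "%s%s", SSL_CIPHERS_ALWAYS_DISABLED, J2S(value));`. `J2S(value)` is also passed to `strlen` without a null check here; if `len` is derived from it earlier, the guard belongs before that computation.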
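Review bot: `i` is declared `int` in the `OCSP_TIMEOUT` branch, so `i * 1000` is evaluated in `int` and overflows (undefined behaviour) once the configured timeout exceeds `INT_MAX / 1000` milliseconds, and a negative value is stored as-is. A range check before the multiplication covers both: `if (i < 0 || i > INT_MAX / 1000) { tcn_Throw(e, "OCSP_TIMEOUT out of range"); rc = SSL_THROW_RETURN; goto cleanup; }`. Widening first, `(apr_interval_time_t)i * 1000`, would also remove the overflow if `ocsp_timeout` has that type, which the hunk does not show. The same expression appears in `check` (hunk at -185).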
diff --git a/xdocs/miscellaneous/changelog.xml b/xdocs/miscellaneous/changelog.xml index 2fdd0159c..6792d07a4 100644 --- a/xdocs/miscellaneous/changelog.xml +++ b/xdocs/miscellaneous/changelog.xml @@ -41,6 +41,10 @@ Fix unnecessarily large buffer allocation when filtering out NULL and export ciphers. Pull request <pr>35</pr> provided by chenjp. (markt) </fix> + <fix> + Fix a potential memory leak if an invalid <code>OpenSSLConf</code> is + provided. Pull request <pr>36</pr> provided by chenjp. (markt) + </fix> </changelog> </section> <section name="1.3.5" rtext="2026-01-19"> --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
