BUG/MINOR: ssl_sock: Fix memory leak when disabling compression

chipitsine · wtarreau · commit e242f3dfb8ae · 2019-05-25T07:45:55.000+02:00
according to manpage:

       sk_TYPE_zero() sets the number of elements in sk to zero. It
       does not free sk so after this call sk is still valid.

so we need to free all elements

[wt: seems like it has been there forever and should be backported
 to all stable branches]
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
@@ -9702,6 +9702,7 @@ __attribute__((constructor))
 static void __ssl_sock_init(void)
 {
 	STACK_OF(SSL_COMP)* cm;
+	int n;
 
 	if (global_ssl.listen_default_ciphers)
 		global_ssl.listen_default_ciphers = strdup(global_ssl.listen_default_ciphers);
@@ -9719,7 +9720,11 @@ static void __ssl_sock_init(void)
 	SSL_library_init();
 #endif
 	cm = SSL_COMP_get_compression_methods();
-	sk_SSL_COMP_zero(cm);
+	n = sk_SSL_COMP_num(cm);
+	while (n--) {
+		(void) sk_SSL_COMP_pop(cm);
+	}
+
 #if defined(USE_THREAD) && (HA_OPENSSL_VERSION_NUMBER < 0x10100000L)
 	ssl_locking_init();
 #endif
