diff options
author | jboeuf <jboeuf@users.noreply.github.com> | 2015-08-24 14:42:45 -0700 |
---|---|---|
committer | jboeuf <jboeuf@users.noreply.github.com> | 2015-08-24 14:42:45 -0700 |
commit | 0e67ac2c6cbedf5bb1b7658970786f583feeb6e8 (patch) | |
tree | b4c9b2cfc13c50c097f9ab92d65f57b234067f0d /src/core/security | |
parent | e29e18ccf07be20da2540b8fc862894ff933aa6c (diff) | |
parent | 46f2d347629480b2dd69fda4546dc831de69518c (diff) |
Merge pull request #3034 from yang-g/sec_conn_leak
Move the default roots check before allocation
Diffstat (limited to 'src/core/security')
-rw-r--r-- | src/core/security/security_connector.c | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/src/core/security/security_connector.c b/src/core/security/security_connector.c index a354536dcd..ba9ac68c5f 100644 --- a/src/core/security/security_connector.c +++ b/src/core/security/security_connector.c @@ -575,6 +575,16 @@ grpc_security_status grpc_ssl_channel_security_connector_create( if (!check_request_metadata_creds(request_metadata_creds)) { goto error; } + if (config->pem_root_certs == NULL) { + pem_root_certs_size = grpc_get_default_ssl_roots(&pem_root_certs); + if (pem_root_certs == NULL || pem_root_certs_size == 0) { + gpr_log(GPR_ERROR, "Could not get default pem root certs."); + goto error; + } + } else { + pem_root_certs = config->pem_root_certs; + pem_root_certs_size = config->pem_root_certs_size; + } c = gpr_malloc(sizeof(grpc_ssl_channel_security_connector)); memset(c, 0, sizeof(grpc_ssl_channel_security_connector)); @@ -590,16 +600,6 @@ grpc_security_status grpc_ssl_channel_security_connector_create( if (overridden_target_name != NULL) { c->overridden_target_name = gpr_strdup(overridden_target_name); } - if (config->pem_root_certs == NULL) { - pem_root_certs_size = grpc_get_default_ssl_roots(&pem_root_certs); - if (pem_root_certs == NULL || pem_root_certs_size == 0) { - gpr_log(GPR_ERROR, "Could not get default pem root certs."); - goto error; - } - } else { - pem_root_certs = config->pem_root_certs; - pem_root_certs_size = config->pem_root_certs_size; - } result = tsi_create_ssl_client_handshaker_factory( config->pem_private_key, config->pem_private_key_size, config->pem_cert_chain, config->pem_cert_chain_size, pem_root_certs, |