ocsptool: reduce memory leaks on executionocsp-fix

2 files changed, 18 insertions, 1 deletions

diff --git a/src/ocsptool-common.c b/src/ocsptool-common.c
index 5ab753cf84..a411a8e97e 100644
--- a/src/ocsptool-common.c
+++ b/src/ocsptool-common.c
@@ -209,6 +209,7 @@ int send_ocsp_request(const char *server,
 
 	socket_send(&hd, headers, headers_size);
 	socket_send(&hd, req.data, req.size);
+	gnutls_free(req.data);
 
 	do {
 		ret = socket_recv(&hd, buffer, sizeof(buffer));
@@ -238,6 +239,8 @@ int send_ocsp_request(const char *server,
 	memcpy(resp_data->data, p, resp_data->size);
 
 	free(ud.data);
+	if (url != server)
+		free(url);
 
 	return 0;
 }
diff --git a/src/ocsptool.c b/src/ocsptool.c
index 9493a8d436..5e38410429 100644
--- a/src/ocsptool.c
+++ b/src/ocsptool.c
@@ -281,9 +281,15 @@ static gnutls_x509_crt_t load_cert(void)
 static void generate_request(gnutls_datum_t *nonce)
 {
 	gnutls_datum_t dat;
+	gnutls_x509_crt_t cert, issuer;
+
+	cert = load_cert();
+	issuer = load_issuer();
 
-	_generate_request(load_cert(), load_issuer(), &dat, nonce);
+	_generate_request(cert, issuer, &dat, nonce);
 
+	gnutls_x509_crt_deinit(cert);
+	gnutls_x509_crt_deinit(issuer);
 	fwrite(dat.data, 1, dat.size, outfile);
 
 	gnutls_free(dat.data);
@@ -528,6 +534,10 @@ static void ask_server(const char *url)
 		fwrite(resp_data.data, 1, resp_data.size, outfile);
 	}
 
+	free(resp_data.data);
+	gnutls_x509_crt_deinit(issuer);
+	gnutls_x509_crt_deinit(cert);
+
 	if (v && !HAVE_OPT(IGNORE_ERRORS))
 		exit(1);
 }
@@ -583,5 +593,9 @@ int main(int argc, char **argv)
 		USAGE(1);
 	}
 
+	if (infile != stdin)
+		fclose(infile);
+	gnutls_global_deinit();
+
 	return 0;
 }