diff options
author | Robert Guo <robert.guo@10gen.com> | 2015-04-13 12:39:09 -0400 |
---|---|---|
committer | Ramon Fernandez <ramon.fernandez@mongodb.com> | 2015-04-13 13:34:11 -0400 |
commit | beb4833ca9c6ce5b6ec528b4fe0ce5818f75905e (patch) | |
tree | f99e89ff92f7d1b928228067ea9f8be13c888753 | |
parent | 1ff5c722724da743c57cd96d7f4c65eda8cbb3fc (diff) | |
download | mongo-beb4833ca9c6ce5b6ec528b4fe0ce5818f75905e.tar.gz |
SERVER-17832 Fix Resource Leak on SSL Connect and Accept Exception (v2.6, v3.0)
Signed-off-by: Ramon Fernandez <ramon.fernandez@mongodb.com>
-rw-r--r-- | src/mongo/util/net/ssl_manager.cpp | 24 |
1 files changed, 8 insertions, 16 deletions
diff --git a/src/mongo/util/net/ssl_manager.cpp b/src/mongo/util/net/ssl_manager.cpp index ce90e9c29c7..f100277e53c 100644 --- a/src/mongo/util/net/ssl_manager.cpp +++ b/src/mongo/util/net/ssl_manager.cpp @@ -769,39 +769,31 @@ namespace mongo { } SSLConnection* SSLManager::connect(Socket* socket) { - SSLConnection* sslConn = new SSLConnection(_clientContext, socket, NULL, 0); - ScopeGuard sslGuard = MakeGuard(::SSL_free, sslConn->ssl); - ScopeGuard bioGuard = MakeGuard(::BIO_free, sslConn->networkBIO); + std::auto_ptr<SSLConnection> sslConn(new SSLConnection(_clientContext, socket, NULL, 0)); int ret; do { ret = ::SSL_connect(sslConn->ssl); - } while(!_doneWithSSLOp(sslConn, ret)); + } while(!_doneWithSSLOp(sslConn.get(), ret)); if (ret != 1) - _handleSSLError(SSL_get_error(sslConn, ret), ret); + _handleSSLError(SSL_get_error(sslConn.get(), ret), ret); - sslGuard.Dismiss(); - bioGuard.Dismiss(); - return sslConn; + return sslConn.release(); } SSLConnection* SSLManager::accept(Socket* socket, const char* initialBytes, int len) { - SSLConnection* sslConn = new SSLConnection(_serverContext, socket, initialBytes, len); - ScopeGuard sslGuard = MakeGuard(::SSL_free, sslConn->ssl); - ScopeGuard bioGuard = MakeGuard(::BIO_free, sslConn->networkBIO); + std::auto_ptr<SSLConnection> sslConn(new SSLConnection(_serverContext, socket, initialBytes, len)); int ret; do { ret = ::SSL_accept(sslConn->ssl); - } while(!_doneWithSSLOp(sslConn, ret)); + } while(!_doneWithSSLOp(sslConn.get(), ret)); if (ret != 1) - _handleSSLError(SSL_get_error(sslConn, ret), ret); + _handleSSLError(SSL_get_error(sslConn.get(), ret), ret); - sslGuard.Dismiss(); - bioGuard.Dismiss(); - return sslConn; + return sslConn.release(); } // TODO SERVER-11601 Use NFC Unicode canonicalization |