[Python-checkins] bpo-37702: Fix SSL's certificate-store leak on Windows (GH-15632)
Miss Islington (bot)
webhook-mailer at python.org
Mon Sep 9 09:40:48 EDT 2019
https://github.com/python/cpython/commit/472f37ab9a33050d7d50d1ebe33ba324a51c52c2
commit: 472f37ab9a33050d7d50d1ebe33ba324a51c52c2
branch: 3.7
author: Miss Islington (bot) <31488909+miss-islington at users.noreply.github.com>
committer: GitHub <noreply at github.com>
date: 2019-09-09T06:40:42-07:00
summary:
bpo-37702: Fix SSL's certificate-store leak on Windows (GH-15632)
ssl_collect_certificates function in _ssl.c has a memory leak.
Calling CertOpenStore() and CertAddStoreToCollection(), a store's refcnt gets incremented by 2.
But CertCloseStore() is called only once and the refcnt leaves 1.
(cherry picked from commit ed70129e15ea028469145111044a4349960a4e6f)
Co-authored-by: neonene <53406459+neonene at users.noreply.github.com>
files:
A Misc/NEWS.d/next/Windows/2019-07-29-16-49-31.bpo-37702.Lj2f5e.rst
M Modules/_ssl.c
diff --git a/Misc/NEWS.d/next/Windows/2019-07-29-16-49-31.bpo-37702.Lj2f5e.rst b/Misc/NEWS.d/next/Windows/2019-07-29-16-49-31.bpo-37702.Lj2f5e.rst
new file mode 100644
index 000000000000..67d53d4c4627
--- /dev/null
+++ b/Misc/NEWS.d/next/Windows/2019-07-29-16-49-31.bpo-37702.Lj2f5e.rst
@@ -0,0 +1,2 @@
+Fix memory leak on Windows in creating an SSLContext object or
+running urllib.request.urlopen('https://...').
\ No newline at end of file
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index b079663cc223..91820fe9529d 100644
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -5448,6 +5448,7 @@ ssl_collect_certificates(const char *store_name)
if (result) {
++storesAdded;
}
+ CertCloseStore(hSystemStore, 0); /* flag must be 0 */
}
}
if (storesAdded == 0) {
More information about the Python-checkins
mailing list