Curl Version: 7.12.2
File: ssluse.c
Line: 970

When I use libcurl to send https post message, my test tool alway prompt me that 10 bytes memory leak,
I find that each time I send message out, curl will called function verifyhost()(if I set the curl option), then it will
call ASN1_STRING_to_UTF8() to convert the string to UTF-8 format. But if common name does not match,
curl does not call OPENSSL_free(peer_CN) to free the peer_CN pointed memory and cause memory leak!

Detail information:
         MLK: 10 bytes leaked at 0x299c80
         This memory was allocated from:
               malloc [rtlib.o]
               CRYPTO_malloc [p7_enc_c.c]
               ASN1_mbstring_ncopy [p7_enc_c.c]
               ASN1_mbstring_copy [p7_enc_c.c]
               ASN1_STRING_to_UTF8 [p7_enc_c.c]
               verifyhost [ssluse.c:902]
                      if (i>=0) {
                        j = ASN1_STRING_to_UTF8(&peer_CN,
                                                X509_NAME_ENTRY_get_data(
               => X509_NAME_get_entry(name,i)));
                      }
Received on 2005-01-10