Issue #13014: Fix a possible reference leak in SSLSocket.getpeercert().
diff --git a/Misc/NEWS b/Misc/NEWS
index 474609e..41b7ad2 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -93,6 +93,8 @@
Library
-------
+- Issue #13014: Fix a possible reference leak in SSLSocket.getpeercert().
+
- Issue #13987: HTMLParser is now able to handle EOFs in the middle of a
construct and malformed start tags.
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index eaf67c4..e692b5d 100644
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -644,15 +644,20 @@
goto fail1;
}
/* now, there's typically a dangling RDN */
- if ((rdn != NULL) && (PyList_Size(rdn) > 0)) {
- rdnt = PyList_AsTuple(rdn);
- Py_DECREF(rdn);
- if (rdnt == NULL)
- goto fail0;
- retcode = PyList_Append(dn, rdnt);
- Py_DECREF(rdnt);
- if (retcode < 0)
- goto fail0;
+ if (rdn != NULL) {
+ if (PyList_GET_SIZE(rdn) > 0) {
+ rdnt = PyList_AsTuple(rdn);
+ Py_DECREF(rdn);
+ if (rdnt == NULL)
+ goto fail0;
+ retcode = PyList_Append(dn, rdnt);
+ Py_DECREF(rdnt);
+ if (retcode < 0)
+ goto fail0;
+ }
+ else {
+ Py_DECREF(rdn);
+ }
}
/* convert list to tuple */