Fix memory leak in _X509_REVOKED_dup The call to X509_REVOKED_new() will create two empty ASN1 structures that were never freed, but simply replaced by a copy. When doing multiple calls to CRL.get_revoked() on a big CRL, this results in a huge memory leak. This change adds two calls to free those empty ASN1 structures before replacing them with the copy. This change requires https://github.com/pyca/cryptography/pull/830 in order to work.

commit: b5b9322b960ce43b3fced797db995042c74c245d [log] [tgz]
author: Jonathan Giannuzzi <jonathan@giannuzzi.be> Thu Mar 20 15:54:29 2014 +0100
committer: Jonathan Giannuzzi <jonathan@giannuzzi.be> Sun Mar 30 21:56:40 2014 +0200
tree: a9c772599c1d6f6bacba3dc1a8a87ad5ec0b95fb
parent: f31707592c248784b2605affa06303a2cb6eb694 [diff]
diff --git a/OpenSSL/crypto.py b/OpenSSL/crypto.py
index ed0b629..65e28d7 100644
--- a/OpenSSL/crypto.py
+++ b/OpenSSL/crypto.py

@@ -1323,9 +1323,11 @@
         _raise_current_error()
 
     if original.serialNumber != _ffi.NULL:
+        _lib.ASN1_INTEGER_free(copy.serialNumber)
         copy.serialNumber = _lib.ASN1_INTEGER_dup(original.serialNumber)
 
     if original.revocationDate != _ffi.NULL:
+        _lib.ASN1_TIME_free(copy.revocationDate)
         copy.revocationDate = _lib.M_ASN1_TIME_dup(original.revocationDate)
 
     if original.extensions != _ffi.NULL:
commit	b5b9322b960ce43b3fced797db995042c74c245d	[log] [tgz]
author	Jonathan Giannuzzi <jonathan@giannuzzi.be>	Thu Mar 20 15:54:29 2014 +0100
committer	Jonathan Giannuzzi <jonathan@giannuzzi.be>	Sun Mar 30 21:56:40 2014 +0200
tree	a9c772599c1d6f6bacba3dc1a8a87ad5ec0b95fb
parent	f31707592c248784b2605affa06303a2cb6eb694 [diff]