This issue is caused by OpenSSL API 'SSL_get_peer_certificate' in modules/ssl/ssl_engine_vars.c:107: x = SSL_get_peer_certificate(sslconn->ssl); According to OpenSSL API document: "SSL_get_peer_certificate() returns a pointer to the X509 certificate the peer presented. The X509 object must be explicitly freed using X509_free()." So 'x' should be freed by 'X509_free(x)' to avoid a memory leak.
Nice catch, do you have some tool to check for this or manual review? Fixed in r1875647.
Thank you for your quick reply. We are working on an automatic tool to do that work, and we will release it later.
We found another similar bug in support/ab.c:728, please check it.
Thanks again, fixed that one in r1910847.