From: Filippo Valsorda <filippo@golang.org>
Date: Tue, 21 May 2019 18:54:54 +0000 (-0400)
Subject: crypto/x509: fix value ownership in isSSLPolicy on macOS
X-Git-Tag: go1.13beta1~228
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=a3d4655c2435e3777c45f09650539b943bab1c66;p=gostls13.git

crypto/x509: fix value ownership in isSSLPolicy on macOS

CFDictionaryGetValueIfPresent does not take ownership of the value, so
releasing the properties dictionary before passing the value to CFEqual
can crash. Not really clear why this works most of the time.

See https://developer.apple.com/library/archive/documentation/CoreFoundation/Conceptual/CFMemoryMgmt/Concepts/Ownership.html

Fixes #28092
Hopefully fixes #30763

Change-Id: I5ee7ca276b753a48abc3aedfb78b8af68b448dd4
Reviewed-on: https://go-review.googlesource.com/c/go/+/178537
Reviewed-by: Adam Langley <agl@golang.org>
---

diff --git a/src/crypto/x509/root_cgo_darwin.go b/src/crypto/x509/root_cgo_darwin.go
index e6332072d6..1c20f26acb 100644
--- a/src/crypto/x509/root_cgo_darwin.go
+++ b/src/crypto/x509/root_cgo_darwin.go
@@ -16,7 +16,7 @@ package x509
 #include <CoreFoundation/CoreFoundation.h>
 #include <Security/Security.h>
 
-static bool isSSLPolicy(SecPolicyRef policyRef) {
+static Boolean isSSLPolicy(SecPolicyRef policyRef) {
 	if (!policyRef) {
 		return false;
 	}
@@ -24,13 +24,13 @@ static bool isSSLPolicy(SecPolicyRef policyRef) {
 	if (properties == NULL) {
 		return false;
 	}
+	Boolean isSSL = false;
 	CFTypeRef value = NULL;
 	if (CFDictionaryGetValueIfPresent(properties, kSecPolicyOid, (const void **)&value)) {
-		CFRelease(properties);
-		return CFEqual(value, kSecPolicyAppleSSL);
+		isSSL = CFEqual(value, kSecPolicyAppleSSL);
 	}
 	CFRelease(properties);
-	return false;
+	return isSSL;
 }
 
 // sslTrustSettingsResult obtains the final kSecTrustSettingsResult value