From d0c5a4dddf106f7d064400b054544918ade6c8d8 Mon Sep 17 00:00:00 2001
From: chengyechun
Date: Mon, 14 Aug 2023 15:27:40 +0800
Subject: [PATCH] fix memory leak in calc_sha256_hash
---
 ...-fix-memory-leak-in-calc_sha256_hash.patch | 27 +++++++++++++++++++
 httpd.spec | 9 ++++++-
 2 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 backport-fix-memory-leak-in-calc_sha256_hash.patch
diff --git a/backport-fix-memory-leak-in-calc_sha256_hash.patch b/backport-fix-memory-leak-in-calc_sha256_hash.patch
new file mode 100644
index 0000000..e16fc2a
--- /dev/null
+++ b/backport-fix-memory-leak-in-calc_sha256_hash.patch
@@ -0,0 +1,27 @@
+From ff558f52f528dd21eb0a77de74d828e1459cdd62 Mon Sep 17 00:00:00 2001
+From: Joe Orton
+Date: Fri, 7 Jul 2023 08:04:38 PM GMT+0800
+Subject: [PATCH] fix memory leak in calc_sha256_hash
+
+Conflict:NA
+Reference:https://github.com/apache/httpd/commmit/ff558f52f528dd21eb0a77de74d828e1459cdd62
+
+---
+ modules/http2/h2_push.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/modules/http2/h2_push.c b/modules/http2/h2_push.c
+index 462c470..dd0928b 100644
+--- a/modules/http2/h2_push.c
++++ b/modules/http2/h2_push.c
+@@ -502,6 +502,7 @@ static void calc_sha256_hash(h2_push_diary *diary, apr_uint64_t *phash, h2_push
+ sha256_update(md, push->req->authority);
+ sha256_update(md, push->req->path);
+ EVP_DigestFinal(md, hash, &len);
++ EVP_MD_CTX_destroy(md);
+
+ val = 0;
+ for (i = 0; i != len; ++i)
+--
+2.23.0
+
diff --git a/httpd.spec b/httpd.spec
index 7268e78..f6ada19 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -8,7 +8,7 @@
 Name: httpd
 Summary: Apache HTTP Server
 Version: 2.4.55
-Release: 3
+Release: 4
 License: ASL 2.0
 URL: https://httpd.apache.org/
 Source0: https://archive.apache.org/dist/httpd/httpd-%{version}.tar.bz2
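Review bot: The `Reference:` line added in backport-fix-memory-leak-in-calc_sha256_hash.patch spells the upstream path `commmit`, so the provenance link for this backport does not resolve; it should read `Reference:https://github.com/apache/httpd/commit/ff558f52f528dd21eb0a77de74d828e1459cdd62`. In the embedded h2_push.c hunk, the new `EVP_MD_CTX_destroy(md);` follows an `EVP_DigestFinal(md, hash, &len);` whose return value is ignored, while `len` bounds the loop that comes next (`for (i = 0; i != len; ++i)`). calc_sha256_hash starts and ends outside the hunk, so whether `len` is initialised before the digest call and whether `md` can be NULL here cannot be confirmed from this page; both are worth checking against the upstream function before the package ships. The code hashes `push->req->authority` and `push->req->path`, so the context was presumably leaked once per hashed push request, in which case the changelog's `Type:bugfix` may understate a resource-exhaustion fix.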
@@ -71,6 +71,7 @@ Patch17: backport-httpd-2.4.48-r1828172+.patch
 Patch18: backport-httpd-2.4.46-htcacheclean-dont-break.patch
 Patch19: backport-CVE-2023-27522.patch
 Patch20: backport-CVE-2023-25690.patch
+Patch21: backport-fix-memory-leak-in-calc_sha256_hash.patch
 BuildRequires: gcc autoconf pkgconfig findutils xmlto perl-interpreter perl-generators systemd-devel
 BuildRequires: zlib-devel libselinux-devel lua-devel brotli-devel
@@ -507,6 +508,12 @@ exit $rv
 %{_rpmconfigdir}/macros.d/macros.httpd
 %changelog
+* Mon Aug 14 2023 chengyechun - 2.4.55-4
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:fix memory leak in calc_sha256_hash
+
 * Thu Mar 9 2023 chengyechun - 2.4.55-3
 - Type:CVE
 - ID:CVE-2023-27522, CVE-2023-25690
--
Gitee