Fixed possible memory leak in TLS certificate handling

2 files changed, 4 insertions, 3 deletions

diff --git a/example/ndpiReader.c b/example/ndpiReader.c
index c525346fa..03ab1df4a 100644
--- a/example/ndpiReader.c
+++ b/example/ndpiReader.c
@@ -3321,7 +3321,7 @@ static void dgaUnitTest() {
   };
   int i;
   NDPI_PROTOCOL_BITMASK all;
-  struct ndpi_detection_module_struct *ndpi_str =  ndpi_init_detection_module(ndpi_no_prefs);
+  struct ndpi_detection_module_struct *ndpi_str = ndpi_init_detection_module(ndpi_no_prefs);
 
   assert(ndpi_str != NULL);
 
@@ -3338,7 +3338,6 @@ static void dgaUnitTest() {
   for(i=0; non_dga[i] != NULL; i++)
     assert(ndpi_check_dga_name(ndpi_str, NULL, (char*)non_dga[i]) == 0);
 
-
   ndpi_exit_detection_module(ndpi_str);
 }
 
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index ec267ba5e..5642ebdf0 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -316,7 +316,9 @@ static void processCertificateElements(struct ndpi_detection_module_struct *ndpi
 	printf("[TLS] %s() IssuerDN [%s]\n", __FUNCTION__, rdnSeqBuf);
 #endif
 
-	if(rdn_len) flow->protos.stun_ssl.ssl.issuerDN = ndpi_strdup(rdnSeqBuf);
+	if(rdn_len && (flow->protos.stun_ssl.ssl.issuerDN == NULL))
+	  flow->protos.stun_ssl.ssl.issuerDN = ndpi_strdup(rdnSeqBuf);
+	
 	rdn_len = 0; /* Reset buffer */
       }