add call to DeleteGlobalRef for native CTX-level CRL callback, only affects JNI not JSSE

cconlon · cconlon · commit c7925f45dcbf · 2021-10-12T15:50:19.000-06:00
diff --git a/native/com_wolfssl_WolfSSLContext.c b/native/com_wolfssl_WolfSSLContext.c
@@ -330,6 +330,12 @@ JNIEXPORT void JNICALL Java_com_wolfssl_WolfSSLContext_freeContext
         g_verifyCbIfaceObj = NULL;
     }
 
+    /* release global CRL callback object if set */
+    if (g_crlCtxCbIfaceObj != NULL) {
+        (*jenv)->DeleteGlobalRef(jenv, g_crlCtxCbIfaceObj);
+        g_crlCtxCbIfaceObj = NULL;
+    }
+
     /* wolfSSL checks for null pointer */
     wolfSSL_CTX_free((WOLFSSL_CTX*)(uintptr_t)ctx);
 }
@@ -1528,25 +1534,34 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLContext_setCRLCb
 
     (void)jcl;
 
-    if (!jenv || !ctx || !cb) {
+    if (jenv == NULL || ctx == 0) {
         return BAD_FUNC_ARG;
     }
 
-    /* store Java CRL callback Interface object */
-    g_crlCtxCbIfaceObj = (*jenv)->NewGlobalRef(jenv, cb);
+    /* release global CRL callback object if set */
+    if (g_crlCtxCbIfaceObj != NULL) {
+        (*jenv)->DeleteGlobalRef(jenv, g_crlCtxCbIfaceObj);
+        g_crlCtxCbIfaceObj = NULL;
+    }
 
-    if (!g_crlCtxCbIfaceObj) {
-        excClass = (*jenv)->FindClass(jenv, "com/wolfssl/WolfSSLJNIException");
-        if ((*jenv)->ExceptionOccurred(jenv)) {
-            (*jenv)->ExceptionDescribe(jenv);
-            (*jenv)->ExceptionClear(jenv);
+    if (cb != NULL) {
+        /* store Java CRL callback Interface object */
+        g_crlCtxCbIfaceObj = (*jenv)->NewGlobalRef(jenv, cb);
+
+        if (!g_crlCtxCbIfaceObj) {
+            excClass = (*jenv)->FindClass(jenv,
+                                    "com/wolfssl/WolfSSLJNIException");
+            if ((*jenv)->ExceptionOccurred(jenv)) {
+                (*jenv)->ExceptionDescribe(jenv);
+                (*jenv)->ExceptionClear(jenv);
+            }
+            (*jenv)->ThrowNew(jenv, excClass,
+                    "error storing global missing CTX CRL callback interface");
         }
-        (*jenv)->ThrowNew(jenv, excClass,
-                "error storing global missing CTX CRL callback interface");
-    }
 
-    ret = wolfSSL_CTX_SetCRL_Cb((WOLFSSL_CTX*)(uintptr_t)ctx,
-                                NativeCtxMissingCRLCallback);
+        ret = wolfSSL_CTX_SetCRL_Cb((WOLFSSL_CTX*)(uintptr_t)ctx,
+                                    NativeCtxMissingCRLCallback);
+    }
 
     return ret;
 #else
