When tree_calculate_user_set() fails, a jump to error failed to
deallocate a possibly allocated |auth_nodes|.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3850)
(cherry picked from commit
67f060acefae34d820ccdb2f560d86ed10633500)
X509_POLICY_TREE *tree = NULL;
STACK_OF(X509_POLICY_NODE) *nodes, *auth_nodes = NULL;
X509_POLICY_TREE *tree = NULL;
STACK_OF(X509_POLICY_NODE) *nodes, *auth_nodes = NULL;
}
/* Tree is not empty: continue */
}
/* Tree is not empty: continue */
- if ((ret = tree_calculate_authority_set(tree, &auth_nodes)) == 0 ||
- !tree_calculate_user_set(tree, policy_oids, auth_nodes))
+
+ if ((calc_ret = tree_calculate_authority_set(tree, &auth_nodes)) == 0)
- if (ret == TREE_CALC_OK_DOFREE)
+ ret = tree_calculate_user_set(tree, policy_oids, auth_nodes);
+ if (calc_ret == TREE_CALC_OK_DOFREE)
sk_X509_POLICY_NODE_free(auth_nodes);
sk_X509_POLICY_NODE_free(auth_nodes);
+ if (!ret)
+ goto error;