projects / oweals / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1c42216)
Don't leak memory in v2i_AUTHORITY_KEYID
authorMatt Caswell <matt@openssl.org>
Wed, 27 Apr 2016 14:03:26 +0000 (15:03 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 1 Jun 2016 17:00:53 +0000 (18:00 +0100)
The v2i_AUTHORITY_KEYID() function can leak memory under an error
condition.

Reviewed-by: Richard Levitte <levitte@openssl.org>
crypto/x509v3/v3_akey.c patch | blob | history

diff --git a/crypto/x509v3/v3_akey.c b/crypto/x509v3/v3_akey.c
index a7d0b290f1951d152928ed2f3ea14b10f4e2f720..d9f770433cfb6120d05977f792e7e1bf05ed46fa 100644 (file)
--- a/crypto/x509v3/v3_akey.c
+++ b/crypto/x509v3/v3_akey.c
@@ -143,12 +143,16 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
     }
 
     akeyid->issuer = gens;
+    gen = NULL;
+    gens = NULL;
     akeyid->serial = serial;
     akeyid->keyid = ikeyid;
 
     return akeyid;
 
  err:
+    sk_GENERAL_NAME_free(gens);
+    GENERAL_NAME_free(gen);
     X509_NAME_free(isname);
     ASN1_INTEGER_free(serial);
     ASN1_OCTET_STRING_free(ikeyid);
Unnamed repository; edit this file 'description' to name the repository.