From 74d6762543335641e4155fd84deaba67cd0105e4 Mon Sep 17 00:00:00 2001
From: Rich Salz <rsalz@openssl.org>
Date: Tue, 10 May 2016 13:41:06 -0400
Subject: [PATCH] GH837: Avoid double-free in OCSP parse.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
---
 crypto/ocsp/ocsp_lib.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/crypto/ocsp/ocsp_lib.c b/crypto/ocsp/ocsp_lib.c
index cabf53933a..ff781e56e7 100644
--- a/crypto/ocsp/ocsp_lib.c
+++ b/crypto/ocsp/ocsp_lib.c
@@ -271,12 +271,18 @@ int OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath,
  err:
     if (buf)
         OPENSSL_free(buf);
-    if (*ppath)
+    if (*ppath) {
         OPENSSL_free(*ppath);
-    if (*pport)
+        *ppath = NULL;
+    }
+    if (*pport) {
         OPENSSL_free(*pport);
-    if (*phost)
+        *pport = NULL;
+    }
+    if (*phost) {
         OPENSSL_free(*phost);
+        *phost = NULL;
+    }
     return 0;
 
 }
-- 
2.25.1