From b7bc412eafb4c252e640719f048d3ca293b64b0f Mon Sep 17 00:00:00 2001
From: Pauli <paul.dale@oracle.com>
Date: Mon, 25 May 2020 07:43:45 +1000
Subject: [PATCH] Coverity 1463830: Resource leaks (RESOURCE_LEAK)

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/11941)

(cherry picked from commit bbc3c22c0e2b3b4b6f069712dc8322a48506b775)
---
 crypto/x509/x509_vfy.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 39e0c53de0..5bd3c4c159 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -377,6 +377,7 @@ static STACK_OF(X509) *lookup_certs_sk(X509_STORE_CTX *ctx, X509_NAME *nm)
         x = sk_X509_value(ctx->other_ctx, i);
         if (X509_NAME_cmp(nm, X509_get_subject_name(x)) == 0) {
             if (!X509_up_ref(x)) {
+                sk_X509_pop_free(sk, X509_free);
                 X509err(X509_F_LOOKUP_CERTS_SK, ERR_R_INTERNAL_ERROR);
                 ctx->error = X509_V_ERR_UNSPECIFIED;
                 return NULL;
-- 
2.25.1