From e1be1dce7722ee40ced16b1b91d5e1b9fce13d08 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Fri, 5 Aug 2016 16:21:26 +0100
Subject: [PATCH] Leak fixes.

Fix error path leaks in a2i_ASN1_STRING(), a2i_ASN1_INTEGER() and
a2i_ASN1_ENUMERATED().

Thanks to Shi Lei for reporting these issues.

Reviewed-by: Rich Salz <rsalz@openssl.org>
---
 crypto/asn1/f_enum.c   | 4 ++--
 crypto/asn1/f_int.c    | 4 ++--
 crypto/asn1/f_string.c | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/crypto/asn1/f_enum.c b/crypto/asn1/f_enum.c
index 591c3b5781..94cd54dbee 100644
--- a/crypto/asn1/f_enum.c
+++ b/crypto/asn1/f_enum.c
@@ -160,8 +160,6 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
                                                       i * 2);
             if (sp == NULL) {
                 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
-                if (s != NULL)
-                    OPENSSL_free(s);
                 goto err;
             }
             s = sp;
@@ -199,5 +197,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
  err_sl:
         ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_SHORT_LINE);
     }
+    if (ret != 1)
+        OPENSSL_free(s);
     return (ret);
 }
diff --git a/crypto/asn1/f_int.c b/crypto/asn1/f_int.c
index 4a81f81c88..2bdc78d744 100644
--- a/crypto/asn1/f_int.c
+++ b/crypto/asn1/f_int.c
@@ -172,8 +172,6 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
                 sp = OPENSSL_realloc_clean(s, slen, num + i * 2);
             if (sp == NULL) {
                 ASN1err(ASN1_F_A2I_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
-                if (s != NULL)
-                    OPENSSL_free(s);
                 goto err;
             }
             s = sp;
@@ -211,5 +209,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
  err_sl:
         ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_SHORT_LINE);
     }
+    if (ret != 1)
+        OPENSSL_free(s);
     return (ret);
 }
diff --git a/crypto/asn1/f_string.c b/crypto/asn1/f_string.c
index 6a6cf34714..0f7b9cfb11 100644
--- a/crypto/asn1/f_string.c
+++ b/crypto/asn1/f_string.c
@@ -166,8 +166,6 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
                                                       i * 2);
             if (sp == NULL) {
                 ASN1err(ASN1_F_A2I_ASN1_STRING, ERR_R_MALLOC_FAILURE);
-                if (s != NULL)
-                    OPENSSL_free(s);
                 goto err;
             }
             s = sp;
@@ -205,5 +203,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
  err_sl:
         ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_SHORT_LINE);
     }
+    if (ret != 1)
+        OPENSSL_free(s);
     return (ret);
 }
-- 
2.25.1