diff options
author | Dmitry Belyavskiy <beldmit@gmail.com> | 2024-02-27 15:22:58 +0100 |
---|---|---|
committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2024-03-08 14:07:59 +0100 |
commit | ed548a183e127c4661cb3faa8e6d34472b55a5c8 (patch) | |
tree | 8c17fef01aca9e199cadd7ef764e7c9a33dbf16f | |
parent | d8796dbb4200498339c5650b18fe5da5a7df9b2b (diff) |
Fix a memory leak on successful load of CRL
Fixes #23693
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23770)
-rw-r--r-- | crypto/x509/by_file.c | 2 | ||||
-rw-r--r-- | test/recipes/60-test_x509_load_cert_file.t | 3 | ||||
-rw-r--r-- | test/x509_load_cert_file_test.c | 8 |
3 files changed, 11 insertions, 2 deletions
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c index 5073c137a2..85923804ac 100644 --- a/crypto/x509/by_file.c +++ b/crypto/x509/by_file.c @@ -198,6 +198,8 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) goto err; } count++; + X509_CRL_free(x); + x = NULL; } } else if (type == X509_FILETYPE_ASN1) { x = d2i_X509_CRL_bio(in, NULL); diff --git a/test/recipes/60-test_x509_load_cert_file.t b/test/recipes/60-test_x509_load_cert_file.t index 75aeac362c..e329d7675c 100644 --- a/test/recipes/60-test_x509_load_cert_file.t +++ b/test/recipes/60-test_x509_load_cert_file.t @@ -12,4 +12,5 @@ setup("test_load_cert_file"); plan tests => 1; -ok(run(test(["x509_load_cert_file_test", srctop_file("test", "certs", "leaf-chain.pem")]))); +ok(run(test(["x509_load_cert_file_test", srctop_file("test", "certs", "leaf-chain.pem"), + srctop_file("test", "certs", "cyrillic_crl.pem")]))); diff --git a/test/x509_load_cert_file_test.c b/test/x509_load_cert_file_test.c index 4a736071ae..c07d329915 100644 --- a/test/x509_load_cert_file_test.c +++ b/test/x509_load_cert_file_test.c @@ -12,6 +12,7 @@ #include "testutil.h" static const char *chain; +static const char *crl; static int test_load_cert_file(void) { @@ -27,12 +28,15 @@ static int test_load_cert_file(void) && TEST_int_eq(sk_X509_num(certs), 4)) ret = 1; + if (crl != NULL && !TEST_true(X509_load_crl_file(lookup, crl, X509_FILETYPE_PEM))) + ret = 0; + OSSL_STACK_OF_X509_free(certs); X509_STORE_free(store); return ret; } -OPT_TEST_DECLARE_USAGE("cert.pem...\n") +OPT_TEST_DECLARE_USAGE("cert.pem [crl.pem]\n") int setup_tests(void) { @@ -45,6 +49,8 @@ int setup_tests(void) if (chain == NULL) return 0; + crl = test_get_argument(1); + ADD_TEST(test_load_cert_file); return 1; } |