diff options
author | Pauli <pauli@openssl.org> | 2021-05-12 14:22:52 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-05-13 18:00:36 +1000 |
commit | 66ddc0759a435672f1c48b856a0968e7f6e35a82 (patch) | |
tree | 991359e6066c85f4c292917facee4410e8005fdc | |
parent | b1423d04cdcad9dbbe2da6e4751f0895112cc977 (diff) |
x509: fix a dangling pointer
If object was pointer was passed and an error occured the object was freed & the
pointer returned. Fix this to NULL out the caller's pointer before returning.
Fixes #15115
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15238)
-rw-r--r-- | crypto/x509/x_x509.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c index 529d701bbb..7959ee223f 100644 --- a/crypto/x509/x_x509.c +++ b/crypto/x509/x_x509.c @@ -131,8 +131,10 @@ X509 *d2i_X509(X509 **a, const unsigned char **in, long len) /* Only cache the extensions if the cert object was passed in */ if (cert != NULL && a != NULL) { /* then cert == *a */ if (!ossl_x509v3_cache_extensions(cert)) { - if (free_on_error) + if (free_on_error) { + *a = NULL; X509_free(cert); + } cert = NULL; } } |