diff options
author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2023-12-03 11:41:51 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-12-12 19:50:54 +0100 |
commit | a9c4bb0282185e900c45587ced4cecf38751e3eb (patch) | |
tree | d732abe95d30e34a92e294c7c4f318e57bde153a | |
parent | fd741c691e1b26e358f828539c732a1c95bf25b2 (diff) |
Fix a possible memleak in opt_verify
The ASN1_OBJECT otmp was leaked if X509_VERIFY_PARAM_add0_policy fails.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22922)
(cherry picked from commit d6688e45fa2f987f3ffd324e19922468beee5ddc)
-rw-r--r-- | apps/lib/opt.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/apps/lib/opt.c b/apps/lib/opt.c index 157367982d..d56964dbe7 100644 --- a/apps/lib/opt.c +++ b/apps/lib/opt.c @@ -696,7 +696,12 @@ int opt_verify(int opt, X509_VERIFY_PARAM *vpm) opt_printf_stderr("%s: Invalid Policy %s\n", prog, opt_arg()); return 0; } - X509_VERIFY_PARAM_add0_policy(vpm, otmp); + if (!X509_VERIFY_PARAM_add0_policy(vpm, otmp)) { + ASN1_OBJECT_free(otmp); + opt_printf_stderr("%s: Internal error adding Policy %s\n", + prog, opt_arg()); + return 0; + } break; case OPT_V_PURPOSE: /* purpose name -> purpose index */ |