Fix crahses and leaks in pkcs12 utility -chain option

author: Dr. Stephen Henson <steve@openssl.org> 2002-08-22 21:54:51 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2002-08-22 21:54:51 +0000
commit: 9a2601033dcf12c3c8075719264cfea4985a8562 (patch)
tree: 27c03f30dad3966698709309321fabb7d491a41b /apps/pkcs12.c
parent: fbb311a7d2de8f615d28f60429a906adf92b9316 (diff)
1 files changed, 4 insertions, 6 deletions
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 73550d1801..1697f6157f 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -508,9 +508,10 @@ int MAIN(int argc, char **argv)
 		    /* Exclude verified certificate */
 		    for (i = 1; i < sk_X509_num (chain2) ; i++) 
 			sk_X509_push(certs, sk_X509_value (chain2, i));
-		}
-		sk_X509_free(chain2);
-		if (vret) {
+		    /* Free first certificate */
+		    X509_free(sk_X509_value(chain2, 0));
+		    sk_X509_free(chain2);
+		} else {
 			BIO_printf (bio_err, "Error %s getting chain.\n",
 					X509_verify_cert_error_string(vret));
 			goto export_end;
@@ -537,8 +538,6 @@ int MAIN(int argc, char **argv)
 	}
 	sk_X509_pop_free(certs, X509_free);
 	certs = NULL;
-	/* ucert is part of certs so it is already freed */
-	ucert = NULL;
 
 #ifdef CRYPTO_MDEBUG
 	CRYPTO_pop_info();
@@ -627,7 +626,6 @@ int MAIN(int argc, char **argv)
 	if (certs) sk_X509_pop_free(certs, X509_free);
 	if (safes) sk_PKCS7_pop_free(safes, PKCS7_free);
 	if (bags) sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-	if (ucert) X509_free(ucert);
 
 #ifdef CRYPTO_MDEBUG
 	CRYPTO_pop_info();
author	Dr. Stephen Henson <steve@openssl.org>	2002-08-22 21:54:51 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2002-08-22 21:54:51 +0000
commit	9a2601033dcf12c3c8075719264cfea4985a8562 (patch)
tree	27c03f30dad3966698709309321fabb7d491a41b /apps/pkcs12.c
parent	fbb311a7d2de8f615d28f60429a906adf92b9316 (diff)