Fix coverity issue: CID 1466479 - Resource leak in apps/pkcs12.c

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12847)
author: Shane Lontis <shane.lontis@oracle.com> 2020-09-10 18:45:39 +1000
committer: Shane Lontis <shane.lontis@oracle.com> 2020-09-12 15:57:24 +1000
commit: 5e8cd0a4f48f06df2542e7c74dcbb4310bce7c4c (patch)
tree: 0b9856bae4c4f555d250bb6c980ae2a19b3b66a3 /apps/pkcs12.c
parent: 97f7a6d42e9d2f38969aff75b0d8f00d934ac8cf (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index f5bb18a8db..23ffa98f77 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -541,13 +541,15 @@ int pkcs12_main(int argc, char **argv)
             X509_STORE_free(store);
 
             if (vret == X509_V_OK) {
+                int add_certs;
                 /* Remove from chain2 the first (end entity) certificate */
                 X509_free(sk_X509_shift(chain2));
                 /* Add the remaining certs (except for duplicates) */
-                if (!X509_add_certs(certs, chain2, X509_ADD_FLAG_UP_REF
-                                    | X509_ADD_FLAG_NO_DUP))
-                    goto export_end;
+                add_certs = X509_add_certs(certs, chain2, X509_ADD_FLAG_UP_REF
+                                           | X509_ADD_FLAG_NO_DUP);
                 sk_X509_pop_free(chain2, X509_free);
+                if (!add_certs)
+                    goto export_end;
             } else {
                 if (vret != X509_V_ERR_UNSPECIFIED)
                     BIO_printf(bio_err, "Error getting chain: %s\n",
author	Shane Lontis <shane.lontis@oracle.com>	2020-09-10 18:45:39 +1000
committer	Shane Lontis <shane.lontis@oracle.com>	2020-09-12 15:57:24 +1000
commit	5e8cd0a4f48f06df2542e7c74dcbb4310bce7c4c (patch)
tree	0b9856bae4c4f555d250bb6c980ae2a19b3b66a3 /apps/pkcs12.c
parent	97f7a6d42e9d2f38969aff75b0d8f00d934ac8cf (diff)