diff options
author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2023-12-03 11:41:51 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-12-12 19:50:46 +0100 |
commit | 5b10b921130392d5ce8df54b77d95c84aa48802a (patch) | |
tree | 890f3f80713b9f7feeb07999839b29291b130356 /apps | |
parent | 9365c84a8f63cb3d242af377d96ce28c024025ca (diff) |
Fix a possible memleak in opt_verify
The ASN1_OBJECT otmp was leaked if X509_VERIFY_PARAM_add0_policy fails.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22922)
(cherry picked from commit d6688e45fa2f987f3ffd324e19922468beee5ddc)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/lib/opt.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/apps/lib/opt.c b/apps/lib/opt.c index 2d61ac9a78..0490c39c25 100644 --- a/apps/lib/opt.c +++ b/apps/lib/opt.c @@ -726,7 +726,12 @@ int opt_verify(int opt, X509_VERIFY_PARAM *vpm) opt_printf_stderr("%s: Invalid Policy %s\n", prog, opt_arg()); return 0; } - X509_VERIFY_PARAM_add0_policy(vpm, otmp); + if (!X509_VERIFY_PARAM_add0_policy(vpm, otmp)) { + ASN1_OBJECT_free(otmp); + opt_printf_stderr("%s: Internal error adding Policy %s\n", + prog, opt_arg()); + return 0; + } break; case OPT_V_PURPOSE: /* purpose name -> purpose index */ |