CMS_add1_crl(): prevent double free on failure of CMS_add0_crl()

Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19199)
author: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2023-02-10 09:53:43 +0100
committer: Dr. David von Oheimb <dev@ddvo.net> 2023-02-24 08:49:08 +0100
commit: 6f9e531003fd736e8e96d9a1a57f7763da9722b8 (patch)
tree: 644490f3d1c561c4f768f9d5ab0852671654ca33 /crypto/cms
parent: ee58915cfd9d0ad67f52d43cc1a2ce549049d248 (diff)
1 files changed, 6 insertions, 5 deletions
diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c
index b5a4b315a3..2744306959 100644
--- a/crypto/cms/cms_lib.c
+++ b/crypto/cms/cms_lib.c
@@ -620,11 +620,12 @@ int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl)
 
 int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl)
 {
-    int r;
-    r = CMS_add0_crl(cms, crl);
-    if (r > 0)
-        X509_CRL_up_ref(crl);
-    return r;
+    if (!X509_CRL_up_ref(crl))
+        return 0;
+    if (CMS_add0_crl(cms, crl))
+        return 1;
+    X509_CRL_free(crl);
+    return 0;
 }
 
 STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms)
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2023-02-10 09:53:43 +0100
committer	Dr. David von Oheimb <dev@ddvo.net>	2023-02-24 08:49:08 +0100
commit	6f9e531003fd736e8e96d9a1a57f7763da9722b8 (patch)
tree	644490f3d1c561c4f768f9d5ab0852671654ca33 /crypto/cms
parent	ee58915cfd9d0ad67f52d43cc1a2ce549049d248 (diff)