diff options
author | Matt Caswell <matt@openssl.org> | 2016-04-27 13:40:52 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-04-28 13:13:09 +0100 |
commit | a4e584a610e4a73f1fd7edef7e5b301c0be18bbf (patch) | |
tree | e6493c5ccc8fcd378f6b38be2929ecc5ffda3776 /crypto/ocsp | |
parent | f08e8034505ae69d6b986f20a63b705d1f012744 (diff) |
Don't leak resource on error in OCSP_url_svcloc_new
On error we could leak a ACCESS_DESCRIPTION and an ASN1_IA5STRING. Both
should be freed in the error path.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto/ocsp')
-rw-r--r-- | crypto/ocsp/ocsp_ext.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/crypto/ocsp/ocsp_ext.c b/crypto/ocsp/ocsp_ext.c index 854da8e5c0..030ddf9dcc 100644 --- a/crypto/ocsp/ocsp_ext.c +++ b/crypto/ocsp/ocsp_ext.c @@ -509,12 +509,16 @@ X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls) goto err; ad->location->type = GEN_URI; ad->location->d.ia5 = ia5; + ia5 = NULL; if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad)) goto err; + ad = NULL; urls++; } x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc); err: + ASN1_IA5STRING_free(ia5); + ACCESS_DESCRIPTION_free(ad); OCSP_SERVICELOC_free(sloc); return x; } |