Fix a memory leak with di2_X509_CRL reuse

Additionally avoid undefined behavior with in-place memcpy in X509_CRL_digest. Fixes #8099 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8112)
author: Bernd Edlinger <bernd.edlinger@hotmail.de> 2019-01-29 14:16:28 +0100
committer: Bernd Edlinger <bernd.edlinger@hotmail.de> 2019-01-31 19:10:57 +0100
commit: a727627922b8a9ec6628ffaa2054b4b3833d674b (patch)
tree: bbce4b293c9abc0f0f54aa91327455c5e01fa2f6 /crypto/x509/x_crl.c
parent: 62b563b9df161a992fde18a0cb0d1a0969158412 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/crypto/x509/x_crl.c b/crypto/x509/x_crl.c
index 89e13e8721..3984f0147f 100644
--- a/crypto/x509/x_crl.c
+++ b/crypto/x509/x_crl.c
@@ -158,6 +158,18 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
     int idx;
 
     switch (operation) {
+    case ASN1_OP_D2I_PRE:
+        if (crl->meth->crl_free) {
+            if (!crl->meth->crl_free(crl))
+                return 0;
+        }
+        AUTHORITY_KEYID_free(crl->akid);
+        ISSUING_DIST_POINT_free(crl->idp);
+        ASN1_INTEGER_free(crl->crl_number);
+        ASN1_INTEGER_free(crl->base_crl_number);
+        sk_GENERAL_NAMES_pop_free(crl->issuers, GENERAL_NAMES_free);
+        /* fall thru */
+
     case ASN1_OP_NEW_POST:
         crl->idp = NULL;
         crl->akid = NULL;
author	Bernd Edlinger <bernd.edlinger@hotmail.de>	2019-01-29 14:16:28 +0100
committer	Bernd Edlinger <bernd.edlinger@hotmail.de>	2019-01-31 19:10:57 +0100
commit	a727627922b8a9ec6628ffaa2054b4b3833d674b (patch)
tree	bbce4b293c9abc0f0f54aa91327455c5e01fa2f6 /crypto/x509/x_crl.c
parent	62b563b9df161a992fde18a0cb0d1a0969158412 (diff)