diff options
author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2017-03-03 11:17:03 +0100 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2017-03-13 10:17:41 -0400 |
commit | c8ee68aa28889a1b7824ee399262536202f27cc0 (patch) | |
tree | 5d7a47e84c9460df15acb63b444b45cf525a56fb /crypto | |
parent | 7321d7944e56e3cf7f5cf80679e6c88a130167f2 (diff) |
Fix a memory leak in X509_STORE_add_cert/crl error handling.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2837)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/x509/x509_lu.c | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index c0b6bddf9d..b7424809fd 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -369,8 +369,12 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) X509err(X509_F_X509_STORE_ADD_CERT, X509_R_CERT_ALREADY_IN_HASH_TABLE); ret = 0; - } else - sk_X509_OBJECT_push(ctx->objs, obj); + } else if (!sk_X509_OBJECT_push(ctx->objs, obj)) { + X509_OBJECT_free_contents(obj); + OPENSSL_free(obj); + X509err(X509_F_X509_STORE_ADD_CERT, ERR_R_MALLOC_FAILURE); + ret = 0; + } CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); @@ -401,8 +405,12 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) OPENSSL_free(obj); X509err(X509_F_X509_STORE_ADD_CRL, X509_R_CERT_ALREADY_IN_HASH_TABLE); ret = 0; - } else - sk_X509_OBJECT_push(ctx->objs, obj); + } else if (!sk_X509_OBJECT_push(ctx->objs, obj)) { + X509_OBJECT_free_contents(obj); + OPENSSL_free(obj); + X509err(X509_F_X509_STORE_ADD_CRL, ERR_R_MALLOC_FAILURE); + ret = 0; + } CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); |