authorMatt Caswell <matt@openssl.org>2021-08-20 15:23:32 +0100
committerMatt Caswell <matt@openssl.org>2021-08-24 13:19:04 +0100
commit8c74c9d1ade0fbdab5b815ddb747351b8b839641 (patch)
tree6768ad413886683497354404b71752d7e9a9c483 /crypto
parentd9bfd68295146b6afad288ef4145aeb5eb0e6c66 (diff)
Fix the error handling in i2v_AUTHORITY_KEYID
Previously if an error path is entered a leak could result. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
Diffstat (limited to 'crypto')
-rw-r--r--crypto/x509v3/v3_akey.c38
1 files changed, 33 insertions, 5 deletions
diff --git a/crypto/x509v3/v3_akey.c b/crypto/x509v3/v3_akey.c
index d9f770433c..f917142223 100644
--- a/crypto/x509v3/v3_akey.c
+++ b/crypto/x509v3/v3_akey.c
@@ -39,20 +39,48 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
STACK_OF(CONF_VALUE)
*extlist)
{
- char *tmp;
+ char *tmp = NULL;
+ STACK_OF(CONF_VALUE) *origextlist = extlist, *tmpextlist;
+
if (akeyid->keyid) {
tmp = OPENSSL_buf2hexstr(akeyid->keyid->data, akeyid->keyid->length);
- X509V3_add_value("keyid", tmp, &extlist);
+ if (tmp == NULL) {
+ X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ if (!X509V3_add_value("keyid", tmp, &extlist)) {
+ OPENSSL_free(tmp);
+ X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_X509_LIB);
+ goto err;
+ }
OPENSSL_free(tmp);
}
- if (akeyid->issuer)
- extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
+ if (akeyid->issuer) {
+ tmpextlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
+ if (tmpextlist == NULL) {
+ X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_X509_LIB);
+ goto err;
+ }
+ extlist = tmpextlist;
+ }
if (akeyid->serial) {
tmp = OPENSSL_buf2hexstr(akeyid->serial->data, akeyid->serial->length);
- X509V3_add_value("serial", tmp, &extlist);
+ if (tmp == NULL) {
+ X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (!X509V3_add_value("serial", tmp, &extlist)) {
+ OPENSSL_free(tmp);
+ X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_X509_LIB);
+ goto err;
+ }
OPENSSL_free(tmp);
}
return extlist;
+ err:
+ if (origextlist == NULL)
+ sk_CONF_VALUE_pop_free(extlist, X509V3_conf_free);
+ return NULL;
}
/*-
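Review bot: The `err:` path frees the list only when `origextlist == NULL`, so when the caller passes its own `extlist`, a failure in the issuer or serial step returns NULL while the "keyid" (and any issuer) entries already appended stay in the caller's stack. That contract should be stated above the function, e.g. `/* Returns NULL on error; a caller-supplied extlist is not freed and may hold entries added before the failure. */`, so callers neither treat the list as unchanged nor free it twice. Separately, every new `X509V3err` call reports `X509V3_F_V2I_AUTHORITY_KEYID` although the code is in `i2v_AUTHORITY_KEYID`, which misattributes the failure in the error queue; an i2v function code should be used if this branch defines one. The function's signature begins above the hunk.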