ssl_cert_dup: Fix memory leak

Always use goto err on failure and call ssl_cert_free() on the error path so all fields and "ret" itself are freed Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Jonas Maebe <jonas.maebe@elis.ugent.be> 2013-12-02 21:46:46 +0100
committer: Kurt Roeckx <kurt@roeckx.be> 2014-12-04 23:48:44 +0100
commit: b3b966fb878766c67060d384fb4f917ea16269a7 (patch)
tree: 81b5f40da802df2062ccf610aee802c0951e19b6 /ssl/ssl_cert.c
parent: 6c42b39c95b26f8a48f19aabb78546d7814de978 (diff)
1 files changed, 2 insertions, 22 deletions
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index f214bafe4a..6dbf79a488 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -315,7 +315,7 @@ CERT *ssl_cert_dup(CERT *cert)
 			if (ret->pkeys[i].serverinfo == NULL)
 				{
 				SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
-				return NULL;
+				goto err;
 				}
 			ret->pkeys[i].serverinfo_length =
 				cert->pkeys[i].serverinfo_length;
@@ -403,28 +403,8 @@ CERT *ssl_cert_dup(CERT *cert)
 
 	return(ret);
 	
-#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_ECDH)
 err:
-#endif
-#ifndef OPENSSL_NO_RSA
-	if (ret->rsa_tmp != NULL)
-		RSA_free(ret->rsa_tmp);
-#endif
-#ifndef OPENSSL_NO_DH
-	if (ret->dh_tmp != NULL)
-		DH_free(ret->dh_tmp);
-#endif
-#ifndef OPENSSL_NO_ECDH
-	if (ret->ecdh_tmp != NULL)
-		EC_KEY_free(ret->ecdh_tmp);
-#endif
-
-#ifndef OPENSSL_NO_TLSEXT
-	custom_exts_free(&ret->cli_ext);
-	custom_exts_free(&ret->srv_ext);
-#endif
-
-	ssl_cert_clear_certs(ret);
+	ssl_cert_free(ret);
 
 	return NULL;
 	}
author	Jonas Maebe <jonas.maebe@elis.ugent.be>	2013-12-02 21:46:46 +0100
committer	Kurt Roeckx <kurt@roeckx.be>	2014-12-04 23:48:44 +0100
commit	b3b966fb878766c67060d384fb4f917ea16269a7 (patch)
tree	81b5f40da802df2062ccf610aee802c0951e19b6 /ssl/ssl_cert.c
parent	6c42b39c95b26f8a48f19aabb78546d7814de978 (diff)