The branch OpenSSL_1_0_2-stable has been updated
via c8ee68aa28889a1b7824ee399262536202f27cc0 (commit)
from 7321d7944e56e3cf7f5cf80679e6c88a130167f2 (commit)
- Log -----------------------------------------------------------------
commit c8ee68aa28889a1b7824ee399262536202f27cc0
Author: Bernd Edlinger <[email protected]>
Date: Fri Mar 3 11:17:03 2017 +0100
Fix a memory leak in X509_STORE_add_cert/crl error handling.
Reviewed-by: Richard Levitte <[email protected]>
Reviewed-by: Rich Salz <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/2837)
-----------------------------------------------------------------------
Summary of changes:
crypto/x509/x509_lu.c | 16 ++++++++++++----
1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index c0b6bdd..b742480 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -369,8 +369,12 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
X509err(X509_F_X509_STORE_ADD_CERT,
X509_R_CERT_ALREADY_IN_HASH_TABLE);
ret = 0;
- } else
- sk_X509_OBJECT_push(ctx->objs, obj);
+ } else if (!sk_X509_OBJECT_push(ctx->objs, obj)) {
+ X509_OBJECT_free_contents(obj);
+ OPENSSL_free(obj);
+ X509err(X509_F_X509_STORE_ADD_CERT, ERR_R_MALLOC_FAILURE);
+ ret = 0;
+ }
CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
@@ -401,8 +405,12 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
OPENSSL_free(obj);
X509err(X509_F_X509_STORE_ADD_CRL, X509_R_CERT_ALREADY_IN_HASH_TABLE);
ret = 0;
- } else
- sk_X509_OBJECT_push(ctx->objs, obj);
+ } else if (!sk_X509_OBJECT_push(ctx->objs, obj)) {
+ X509_OBJECT_free_contents(obj);
+ OPENSSL_free(obj);
+ X509err(X509_F_X509_STORE_ADD_CRL, ERR_R_MALLOC_FAILURE);
+ ret = 0;
+ }
CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
