The branch OpenSSL_1_1_1-stable has been updated via cd61ad38b54d22a3d17db9d679c24d9a602cb5d8 (commit) from 191570d0b94c88fa95b3c223456863448d697fce (commit)
- Log ----------------------------------------------------------------- commit cd61ad38b54d22a3d17db9d679c24d9a602cb5d8 Author: Matt Caswell <m...@openssl.org> Date: Tue Mar 12 10:21:39 2019 +0000 Fix memory leaks in pkread.c demo file Also make various changes to bring the file into line with current coding style. Fixes #8456 Reviewed-by: Paul Dale <paul.d...@oracle.com> Reviewed-by: Paul Yang <yang.y...@baishancloud.com> (Merged from https://github.com/openssl/openssl/pull/8457) (cherry picked from commit 81cd023f1dc5a8c9094f8e91c1e85e3c9b98a551) ----------------------------------------------------------------------- Summary of changes: demos/pkcs12/pkread.c | 46 +++++++++++++++++++++++++++------------------- 1 file changed, 27 insertions(+), 19 deletions(-) diff --git a/demos/pkcs12/pkread.c b/demos/pkcs12/pkread.c index 3f7913b..32a899f 100644 --- a/demos/pkcs12/pkread.c +++ b/demos/pkcs12/pkread.c @@ -17,7 +17,7 @@ static char *find_friendly_name(PKCS12 *p12) { - STACK_OF(PKCS7) *safes = PKCS12_unpack_authsafes(p12); + STACK_OF(PKCS7) *safes; int n, m; char *name = NULL; PKCS7 *safe; @@ -48,56 +48,64 @@ static char *find_friendly_name(PKCS12 *p12) int main(int argc, char **argv) { FILE *fp; - EVP_PKEY *pkey; - X509 *cert; + EVP_PKEY *pkey = NULL; + X509 *cert = NULL; STACK_OF(X509) *ca = NULL; - PKCS12 *p12; - const char *name; - int i; + PKCS12 *p12 = NULL; + char *name = NULL; + int i, ret = EXIT_FAILURE; if (argc != 4) { fprintf(stderr, "Usage: pkread p12file password opfile\n"); - exit(1); + exit(EXIT_FAILURE); } - OpenSSL_add_all_algorithms(); - ERR_load_crypto_strings(); + if ((fp = fopen(argv[1], "rb")) == NULL) { fprintf(stderr, "Error opening file %s\n", argv[1]); - exit(1); + exit(EXIT_FAILURE); } p12 = d2i_PKCS12_fp(fp, NULL); fclose(fp); - if (!p12) { + if (p12 == NULL) { fprintf(stderr, "Error reading PKCS#12 file\n"); ERR_print_errors_fp(stderr); - exit(1); + goto err; } if (!PKCS12_parse(p12, argv[2], &pkey, &cert, &ca)) { fprintf(stderr, "Error parsing PKCS#12 file\n"); ERR_print_errors_fp(stderr); - exit(1); + goto err; } name = find_friendly_name(p12); PKCS12_free(p12); if ((fp = fopen(argv[3], "w")) == NULL) { fprintf(stderr, "Error opening file %s\n", argv[1]); - exit(1); + goto err; } - if (name) + if (name != NULL) fprintf(fp, "***Friendly Name***\n%s\n", name); - if (pkey) { + if (pkey != NULL) { fprintf(fp, "***Private Key***\n"); PEM_write_PrivateKey(fp, pkey, NULL, NULL, 0, NULL, NULL); } - if (cert) { + if (cert != NULL) { fprintf(fp, "***User Certificate***\n"); PEM_write_X509_AUX(fp, cert); } - if (ca && sk_X509_num(ca)) { + if (ca != NULL && sk_X509_num(ca) > 0) { fprintf(fp, "***Other Certificates***\n"); for (i = 0; i < sk_X509_num(ca); i++) PEM_write_X509_AUX(fp, sk_X509_value(ca, i)); } fclose(fp); - return 0; + + ret = EXIT_SUCCESS; + + err: + OPENSSL_free(name); + X509_free(cert); + EVP_PKEY_free(pkey); + sk_X509_pop_free(ca, X509_free); + + return ret; }