At this point sktmp may be allocated by sk_dup(), so we need to free it.
Remove a free guard at the end while there.
Index: x509/x509_vfy.c
===================================================================
RCS file: /var/cvs/src/lib/libcrypto/x509/x509_vfy.c,v
retrieving revision 1.70
diff -u -p -r1.70 x509_vfy.c
--- x509/x509_vfy.c 8 Apr 2018 16:57:57 -0000 1.70
+++ x509/x509_vfy.c 19 Aug 2018 08:26:57 -0000
@@ -496,9 +496,10 @@ X509_verify_cert(X509_STORE_CTX *ctx)
ctx->current_cert = x;
} else {
if (!sk_X509_push(ctx->chain, chain_ss)) {
- X509_free(chain_ss);
X509error(ERR_R_MALLOC_FAILURE);
- return 0;
+ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ ok = 0;
+ goto end;
}
num++;
ctx->last_untrusted = num;
@@ -548,8 +549,7 @@ X509_verify_cert(X509_STORE_CTX *ctx)
ok = ctx->check_policy(ctx);
end:
- if (sktmp != NULL)
- sk_X509_free(sktmp);
+ sk_X509_free(sktmp);
X509_free(chain_ss);
/* Safety net, error returns must set ctx->error */
