summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authormiod <>2015-02-17 05:14:38 +0000
committermiod <>2015-02-17 05:14:38 +0000
commitfe5a1b127a8433e7b13c6ab22eeafa544fe26b27 (patch)
tree62821ec740059b4d5c8dccb7ed855e509b66e704
parentaf4b2ba5ef6ab61491f06cf5a4ede781137151eb (diff)
downloadopenbsd-fe5a1b127a8433e7b13c6ab22eeafa544fe26b27.tar.gz
openbsd-fe5a1b127a8433e7b13c6ab22eeafa544fe26b27.tar.bz2
openbsd-fe5a1b127a8433e7b13c6ab22eeafa544fe26b27.zip
Memory leak in error path. Coverity CID 78822.
ok doug@
Diffstat
-rw-r--r--src/lib/libcrypto/x509v3/v3_conf.c17
-rw-r--r--src/lib/libssl/src/crypto/x509v3/v3_conf.c17
2 files changed, 18 insertions, 16 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_conf.c b/src/lib/libcrypto/x509v3/v3_conf.c
index 08b9970efb..d48a4ac65c 100644
--- a/src/lib/libcrypto/x509v3/v3_conf.c
+++ b/src/lib/libcrypto/x509v3/v3_conf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_conf.c,v 1.16 2014/10/05 18:26:43 miod Exp $ */ 1/* $OpenBSD: v3_conf.c,v 1.17 2015/02/17 05:14:38 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -122,7 +122,6 @@ do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value)
122{ 122{
123 const X509V3_EXT_METHOD *method; 123 const X509V3_EXT_METHOD *method;
124 X509_EXTENSION *ext; 124 X509_EXTENSION *ext;
125 STACK_OF(CONF_VALUE) *nval;
126 void *ext_struc; 125 void *ext_struc;
127 126
128 if (ext_nid == NID_undef) { 127 if (ext_nid == NID_undef) {
@@ -136,6 +135,8 @@ do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value)
136 } 135 }
137 /* Now get internal extension representation based on type */ 136 /* Now get internal extension representation based on type */
138 if (method->v2i) { 137 if (method->v2i) {
138 STACK_OF(CONF_VALUE) *nval;
139
139 if (*value == '@') 140 if (*value == '@')
140 nval = NCONF_get_section(conf, value + 1); 141 nval = NCONF_get_section(conf, value + 1);
141 else 142 else
@@ -145,30 +146,30 @@ do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value)
145 X509V3_R_INVALID_EXTENSION_STRING); 146 X509V3_R_INVALID_EXTENSION_STRING);
146 ERR_asprintf_error_data("name=%s,section=%s", 147 ERR_asprintf_error_data("name=%s,section=%s",
147 OBJ_nid2sn(ext_nid), value); 148 OBJ_nid2sn(ext_nid), value);
149 if (*value != '@')
150 sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
148 return NULL; 151 return NULL;
149 } 152 }
150 ext_struc = method->v2i(method, ctx, nval); 153 ext_struc = method->v2i(method, ctx, nval);
151 if (*value != '@') 154 if (*value != '@')
152 sk_CONF_VALUE_pop_free(nval, X509V3_conf_free); 155 sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
153 if (!ext_struc)
154 return NULL;
155 } else if (method->s2i) { 156 } else if (method->s2i) {
156 if (!(ext_struc = method->s2i(method, ctx, value))) 157 ext_struc = method->s2i(method, ctx, value);
157 return NULL;
158 } else if (method->r2i) { 158 } else if (method->r2i) {
159 if (!ctx->db || !ctx->db_meth) { 159 if (!ctx->db || !ctx->db_meth) {
160 X509V3err(X509V3_F_DO_EXT_NCONF, 160 X509V3err(X509V3_F_DO_EXT_NCONF,
161 X509V3_R_NO_CONFIG_DATABASE); 161 X509V3_R_NO_CONFIG_DATABASE);
162 return NULL; 162 return NULL;
163 } 163 }
164 if (!(ext_struc = method->r2i(method, ctx, value))) 164 ext_struc = method->r2i(method, ctx, value);
165 return NULL;
166 } else { 165 } else {
167 X509V3err(X509V3_F_DO_EXT_NCONF, 166 X509V3err(X509V3_F_DO_EXT_NCONF,
168 X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); 167 X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
169 ERR_asprintf_error_data("name=%s", OBJ_nid2sn(ext_nid)); 168 ERR_asprintf_error_data("name=%s", OBJ_nid2sn(ext_nid));
170 return NULL; 169 return NULL;
171 } 170 }
171 if (ext_struc == NULL)
172 return NULL;
172 173
173 ext = do_ext_i2d(method, ext_nid, crit, ext_struc); 174 ext = do_ext_i2d(method, ext_nid, crit, ext_struc);
174 if (method->it) 175 if (method->it)
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_conf.c b/src/lib/libssl/src/crypto/x509v3/v3_conf.c
index 08b9970efb..d48a4ac65c 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_conf.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_conf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_conf.c,v 1.16 2014/10/05 18:26:43 miod Exp $ */ 1/* $OpenBSD: v3_conf.c,v 1.17 2015/02/17 05:14:38 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -122,7 +122,6 @@ do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value)
122{ 122{
123 const X509V3_EXT_METHOD *method; 123 const X509V3_EXT_METHOD *method;
124 X509_EXTENSION *ext; 124 X509_EXTENSION *ext;
125 STACK_OF(CONF_VALUE) *nval;
126 void *ext_struc; 125 void *ext_struc;
127 126
128 if (ext_nid == NID_undef) { 127 if (ext_nid == NID_undef) {
@@ -136,6 +135,8 @@ do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value)
136 } 135 }
137 /* Now get internal extension representation based on type */ 136 /* Now get internal extension representation based on type */
138 if (method->v2i) { 137 if (method->v2i) {
138 STACK_OF(CONF_VALUE) *nval;
139
139 if (*value == '@') 140 if (*value == '@')
140 nval = NCONF_get_section(conf, value + 1); 141 nval = NCONF_get_section(conf, value + 1);
141 else 142 else
@@ -145,30 +146,30 @@ do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value)
145 X509V3_R_INVALID_EXTENSION_STRING); 146 X509V3_R_INVALID_EXTENSION_STRING);
146 ERR_asprintf_error_data("name=%s,section=%s", 147 ERR_asprintf_error_data("name=%s,section=%s",
147 OBJ_nid2sn(ext_nid), value); 148 OBJ_nid2sn(ext_nid), value);
149 if (*value != '@')
150 sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
148 return NULL; 151 return NULL;
149 } 152 }
150 ext_struc = method->v2i(method, ctx, nval); 153 ext_struc = method->v2i(method, ctx, nval);
151 if (*value != '@') 154 if (*value != '@')
152 sk_CONF_VALUE_pop_free(nval, X509V3_conf_free); 155 sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
153 if (!ext_struc)
154 return NULL;
155 } else if (method->s2i) { 156 } else if (method->s2i) {
156 if (!(ext_struc = method->s2i(method, ctx, value))) 157 ext_struc = method->s2i(method, ctx, value);
157 return NULL;
158 } else if (method->r2i) { 158 } else if (method->r2i) {
159 if (!ctx->db || !ctx->db_meth) { 159 if (!ctx->db || !ctx->db_meth) {
160 X509V3err(X509V3_F_DO_EXT_NCONF, 160 X509V3err(X509V3_F_DO_EXT_NCONF,
161 X509V3_R_NO_CONFIG_DATABASE); 161 X509V3_R_NO_CONFIG_DATABASE);
162 return NULL; 162 return NULL;
163 } 163 }
164 if (!(ext_struc = method->r2i(method, ctx, value))) 164 ext_struc = method->r2i(method, ctx, value);
165 return NULL;
166 } else { 165 } else {
167 X509V3err(X509V3_F_DO_EXT_NCONF, 166 X509V3err(X509V3_F_DO_EXT_NCONF,
168 X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); 167 X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
169 ERR_asprintf_error_data("name=%s", OBJ_nid2sn(ext_nid)); 168 ERR_asprintf_error_data("name=%s", OBJ_nid2sn(ext_nid));
170 return NULL; 169 return NULL;
171 } 170 }
171 if (ext_struc == NULL)
172 return NULL;
172 173
173 ext = do_ext_i2d(method, ext_nid, crit, ext_struc); 174 ext = do_ext_i2d(method, ext_nid, crit, ext_struc);
174 if (method->it) 175 if (method->it)
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 21:20:17 +0000