Fix a double free in v2i_NAME_CONSTRAINTS()

a2i_GENERAL_NAME() modifies and returns the out argument that was passed in unless out == NULL, in which case it returns something freshly allocated. Thus, in v2i_GENERAL_NAME_ex() we must only free ret if out == NULL so v2i_NAME_CONSTRAINTS() can free correctly. Issue reported by Volker Schlecht ok jsing
author: tb <> 2022-02-11 17:37:54 +0000
committer: tb <> 2022-02-11 17:37:54 +0000
commit: 3e9423819d5b05b96cf6ad8d411708c75f9afbc5 (patch)
tree: 02b71ac3a99dd34249dd79d0ed13b935d13ccc1e /src/lib/libcrypto/x509
parent: 5a95a1e434fed62d317d132f1d2d12a20fcbc2a0 (diff)
download: openbsd-3e9423819d5b05b96cf6ad8d411708c75f9afbc5.tar.gz
openbsd-3e9423819d5b05b96cf6ad8d411708c75f9afbc5.tar.bz2
openbsd-3e9423819d5b05b96cf6ad8d411708c75f9afbc5.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/src/lib/libcrypto/x509/x509_alt.c b/src/lib/libcrypto/x509/x509_alt.c
index a7c1a8c6a1..9dbca9d1e9 100644
--- a/src/lib/libcrypto/x509/x509_alt.c
+++ b/src/lib/libcrypto/x509/x509_alt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_alt.c,v 1.5 2021/10/28 10:58:23 tb Exp $ */
+/* $OpenBSD: x509_alt.c,v 1.6 2022/02/11 17:37:54 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
@@ -686,7 +686,8 @@ v2i_GENERAL_NAME_ex(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
        }
        return ret;
 err:
-        GENERAL_NAME_free(ret);
+        if (out == NULL)
+                GENERAL_NAME_free(ret);
        return NULL;
 }
author	tb <>	2022-02-11 17:37:54 +0000
committer	tb <>	2022-02-11 17:37:54 +0000
commit	3e9423819d5b05b96cf6ad8d411708c75f9afbc5 (patch)
tree	02b71ac3a99dd34249dd79d0ed13b935d13ccc1e /src/lib/libcrypto/x509
parent	5a95a1e434fed62d317d132f1d2d12a20fcbc2a0 (diff)
download	openbsd-3e9423819d5b05b96cf6ad8d411708c75f9afbc5.tar.gz openbsd-3e9423819d5b05b96cf6ad8d411708c75f9afbc5.tar.bz2 openbsd-3e9423819d5b05b96cf6ad8d411708c75f9afbc5.zip