diff options
| author | tb <> | 2025-11-03 16:36:15 +0000 |
|---|---|---|
| committer | tb <> | 2025-11-03 16:36:15 +0000 |
| commit | 73bce59b2aaca7d3ae9dd6087472dbfdca23c83f (patch) | |
| tree | fe718990bb7d13e3fd2634f3c901355ba5dd1b97 /src/lib/libcrypto/x509 | |
| parent | 397ac5a0503a9527af9a1f166a1044a93d16bddc (diff) | |
| download | openbsd-73bce59b2aaca7d3ae9dd6087472dbfdca23c83f.tar.gz openbsd-73bce59b2aaca7d3ae9dd6087472dbfdca23c83f.tar.bz2 openbsd-73bce59b2aaca7d3ae9dd6087472dbfdca23c83f.zip | |
In nref_nos() don't leak the ASN1_INTEGER if the push fails
(A much bigger problem here is a double free for which I will send
out a diff shortly)
From Niels Dossche
Diffstat (limited to 'src/lib/libcrypto/x509')
| -rw-r--r-- | src/lib/libcrypto/x509/x509_cpols.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/lib/libcrypto/x509/x509_cpols.c b/src/lib/libcrypto/x509/x509_cpols.c index 2c36cbd0f8..e075f462ad 100644 --- a/src/lib/libcrypto/x509/x509_cpols.c +++ b/src/lib/libcrypto/x509/x509_cpols.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509_cpols.c,v 1.18 2025/11/03 16:22:13 tb Exp $ */ | 1 | /* $OpenBSD: x509_cpols.c,v 1.19 2025/11/03 16:36:15 tb Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| @@ -680,8 +680,10 @@ nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) | |||
| 680 | X509V3error(X509V3_R_INVALID_NUMBER); | 680 | X509V3error(X509V3_R_INVALID_NUMBER); |
| 681 | goto err; | 681 | goto err; |
| 682 | } | 682 | } |
| 683 | if (!sk_ASN1_INTEGER_push(nnums, aint)) | 683 | if (!sk_ASN1_INTEGER_push(nnums, aint)) { |
| 684 | ASN1_INTEGER_free(aint); | ||
| 684 | goto merr; | 685 | goto merr; |
| 686 | } | ||
| 685 | } | 687 | } |
| 686 | return 1; | 688 | return 1; |
| 687 | 689 | ||