summaryrefslogtreecommitdiff
path: root/src/regress/lib/libtls/verify
diff options
context:
space:
mode:
authortb <>2023-08-30 00:49:32 +0000
committertb <>2023-08-30 00:49:32 +0000
commita4768fca91b9eaa7e7367f0ccf398b87f09e1fb8 (patch)
treecf2270b763fddcceabb1039a124d6f8f26d81b4d /src/regress/lib/libtls/verify
parent09dcbefdff671a2602d306db8c2ca196ca43a8d7 (diff)
downloadopenbsd-a4768fca91b9eaa7e7367f0ccf398b87f09e1fb8.tar.gz
openbsd-a4768fca91b9eaa7e7367f0ccf398b87f09e1fb8.tar.bz2
openbsd-a4768fca91b9eaa7e7367f0ccf398b87f09e1fb8.zip
Fix leaks in copy_issuer()
The stack of subject alternative names from the issuer is parsed using X509V3_EXT_d2i(), so it must be freed with sk_GENERAL_NAME_pop_free(). It's not worth doing complicated ownership handling when the individual alternative names can be copied with GENERAL_NAME_dup(). Previously, ialt and its remaining members would be leaked when the call to sk_GENERAL_NAME_push() failed halfway through. This is only reachable via the issuer:copy x509v3.cnf(5) directive. ok jsing
Diffstat (limited to 'src/regress/lib/libtls/verify')
0 files changed, 0 insertions, 0 deletions