From ae9853e9b54a00e3b8ccbbfc08073482ae270049 Mon Sep 17 00:00:00 2001
From: miod <>
Date: Sun, 5 Oct 2014 18:28:56 +0000
Subject: In v2i_AUTHORITY_INFO_ACCESS(), separate object allocation from
 object push on a stack; if the latter fails, we need to free the object
 before returning failure. ok guenther@

---
 src/lib/libcrypto/x509v3/v3_info.c         | 11 ++++++++---
 src/lib/libssl/src/crypto/x509v3/v3_info.c | 11 ++++++++---
 2 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/src/lib/libcrypto/x509v3/v3_info.c b/src/lib/libcrypto/x509v3/v3_info.c
index 8e590ed808..862f949b1b 100644
--- a/src/lib/libcrypto/x509v3/v3_info.c
+++ b/src/lib/libcrypto/x509v3/v3_info.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: v3_info.c,v 1.18 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: v3_info.c,v 1.19 2014/10/05 18:28:56 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -159,8 +159,13 @@ v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
 	}
 	for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
 		cnf = sk_CONF_VALUE_value(nval, i);
-		if (!(acc = ACCESS_DESCRIPTION_new()) ||
-		    !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
+		if ((acc = ACCESS_DESCRIPTION_new()) == NULL) {
+			X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
+			    ERR_R_MALLOC_FAILURE);
+			goto err;
+		}
+		if (sk_ACCESS_DESCRIPTION_push(ainfo, acc) == 0) {
+			ACCESS_DESCRIPTION_free(acc);
 			X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
 			    ERR_R_MALLOC_FAILURE);
 			goto err;
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_info.c b/src/lib/libssl/src/crypto/x509v3/v3_info.c
index 8e590ed808..862f949b1b 100644
--- a/src/lib/libssl/src/crypto/x509v3/v3_info.c
+++ b/src/lib/libssl/src/crypto/x509v3/v3_info.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: v3_info.c,v 1.18 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: v3_info.c,v 1.19 2014/10/05 18:28:56 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -159,8 +159,13 @@ v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
 	}
 	for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
 		cnf = sk_CONF_VALUE_value(nval, i);
-		if (!(acc = ACCESS_DESCRIPTION_new()) ||
-		    !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
+		if ((acc = ACCESS_DESCRIPTION_new()) == NULL) {
+			X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
+			    ERR_R_MALLOC_FAILURE);
+			goto err;
+		}
+		if (sk_ACCESS_DESCRIPTION_push(ainfo, acc) == 0) {
+			ACCESS_DESCRIPTION_free(acc);
 			X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
 			    ERR_R_MALLOC_FAILURE);
 			goto err;
-- 
cgit v1.2.3-55-g6feb