From c294f416edb87b3e8d1d37f8bc38d74850ef8d6b Mon Sep 17 00:00:00 2001
From: beck <>
Date: Mon, 14 Sep 2020 11:35:32 +0000
Subject: Fix potential leak when tmpext fails to be added to the extension
 list.

found by llvm static analyzer
ok tb@
---
 src/lib/libcrypto/x509/x509_lib.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/lib/libcrypto/x509/x509_lib.c b/src/lib/libcrypto/x509/x509_lib.c
index 3af090fde6..211d0adfee 100644
--- a/src/lib/libcrypto/x509/x509_lib.c
+++ b/src/lib/libcrypto/x509/x509_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_lib.c,v 1.1 2020/06/04 15:19:31 jsing Exp $ */
+/* $OpenBSD: x509_lib.c,v 1.2 2020/09/14 11:35:32 beck Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -168,7 +168,11 @@ X509V3_EXT_add_alias(int nid_to, int nid_from)
 	*tmpext = *ext;
 	tmpext->ext_nid = nid_to;
 	tmpext->ext_flags |= X509V3_EXT_DYNAMIC;
-	return X509V3_EXT_add(tmpext);
+	if (!X509V3_EXT_add(tmpext)) {
+		free(tmpext);
+		return 0;
+	}
+	return 1;
 }
 
 void
-- 
cgit v1.2.3-55-g6feb