From 41c028be1988ad160ef2fa6feca4441bb4bca17d Mon Sep 17 00:00:00 2001
From: miod <>
Date: Tue, 28 Oct 2014 05:46:56 +0000
Subject: Check the result of sk_*_push() operations for failure. ok doug@
 jsing@

---
 src/lib/libcrypto/ts/ts_conf.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'src/lib/libcrypto/ts')

diff --git a/src/lib/libcrypto/ts/ts_conf.c b/src/lib/libcrypto/ts/ts_conf.c
index ec033b1cfc..5266f91e63 100644
--- a/src/lib/libcrypto/ts/ts_conf.c
+++ b/src/lib/libcrypto/ts/ts_conf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts_conf.c,v 1.7 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: ts_conf.c,v 1.8 2014/10/28 05:46:56 miod Exp $ */
 /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
  * project 2002.
  */
@@ -110,7 +110,8 @@ end:
 	return x;
 }
 
-STACK_OF(X509) *TS_CONF_load_certs(const char *file)
+STACK_OF(X509) *
+TS_CONF_load_certs(const char *file)
 {
 	BIO *certs = NULL;
 	STACK_OF(X509) *othercerts = NULL;
@@ -126,7 +127,11 @@ STACK_OF(X509) *TS_CONF_load_certs(const char *file)
 	for (i = 0; i < sk_X509_INFO_num(allcerts); i++) {
 		X509_INFO *xi = sk_X509_INFO_value(allcerts, i);
 		if (xi->x509) {
-			sk_X509_push(othercerts, xi->x509);
+			if (sk_X509_push(othercerts, xi->x509) == 0) {
+				sk_X509_pop_free(othercerts, X509_free);
+				othercerts = NULL;
+				goto end;
+			}
 			xi->x509 = NULL;
 		}
 	}
-- 
cgit v1.2.3-55-g6feb