From 0fd923e655a19db310ce5eb91695efa0cf8aab89 Mon Sep 17 00:00:00 2001 From: miod <> Date: Wed, 23 Jul 2014 20:49:52 +0000 Subject: level_add_node(): if a memory allocation failure causes us to attempt to clean up and return failure, be sure the cleanup work does NOT free objects which are still being referenced by other objects. ok guenther@ --- src/lib/libcrypto/x509v3/pcy_node.c | 11 +++++++---- src/lib/libssl/src/crypto/x509v3/pcy_node.c | 11 +++++++---- 2 files changed, 14 insertions(+), 8 deletions(-) (limited to 'src') diff --git a/src/lib/libcrypto/x509v3/pcy_node.c b/src/lib/libcrypto/x509v3/pcy_node.c index 36424ad1d3..839113ea2f 100644 --- a/src/lib/libcrypto/x509v3/pcy_node.c +++ b/src/lib/libcrypto/x509v3/pcy_node.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pcy_node.c,v 1.4 2014/06/12 15:49:31 deraadt Exp $ */ +/* $OpenBSD: pcy_node.c,v 1.5 2014/07/23 20:49:52 miod Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ @@ -139,9 +139,9 @@ level_add_node(X509_POLICY_LEVEL *level, const X509_POLICY_DATA *data, if (!tree->extra_data) tree->extra_data = sk_X509_POLICY_DATA_new_null(); if (!tree->extra_data) - goto node_error; + goto node_error_cond; if (!sk_X509_POLICY_DATA_push(tree->extra_data, data)) - goto node_error; + goto node_error_cond; } if (parent) @@ -149,9 +149,12 @@ level_add_node(X509_POLICY_LEVEL *level, const X509_POLICY_DATA *data, return node; +node_error_cond: + if (level) + node = NULL; node_error: policy_node_free(node); - return 0; + return NULL; } void diff --git a/src/lib/libssl/src/crypto/x509v3/pcy_node.c b/src/lib/libssl/src/crypto/x509v3/pcy_node.c index 36424ad1d3..839113ea2f 100644 --- a/src/lib/libssl/src/crypto/x509v3/pcy_node.c +++ b/src/lib/libssl/src/crypto/x509v3/pcy_node.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pcy_node.c,v 1.4 2014/06/12 15:49:31 deraadt Exp $ */ +/* $OpenBSD: pcy_node.c,v 1.5 2014/07/23 20:49:52 miod Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ @@ -139,9 +139,9 @@ level_add_node(X509_POLICY_LEVEL *level, const X509_POLICY_DATA *data, if (!tree->extra_data) tree->extra_data = sk_X509_POLICY_DATA_new_null(); if (!tree->extra_data) - goto node_error; + goto node_error_cond; if (!sk_X509_POLICY_DATA_push(tree->extra_data, data)) - goto node_error; + goto node_error_cond; } if (parent) @@ -149,9 +149,12 @@ level_add_node(X509_POLICY_LEVEL *level, const X509_POLICY_DATA *data, return node; +node_error_cond: + if (level) + node = NULL; node_error: policy_node_free(node); - return 0; + return NULL; } void -- cgit v1.2.3-55-g6feb