From dc037c8e2a8b5d7ac5744a0331ea0a65978e2a72 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Thu, 20 Mar 2025 09:41:47 +0000
Subject: Plug a memory leak in x509_name_encode()

This is nearly identical to a leak fixed by miod 10 years ago in
x509_name_canon() but was missed in r1.30. This entire file needs
a metric ton of bleach, but my head currently spins too much for
tackling this, so go with the cheap one-liner.

From Niels Dossche
---
 src/lib/libcrypto/asn1/x_name.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/asn1/x_name.c b/src/lib/libcrypto/asn1/x_name.c
index 7bacd83340..c60714b74f 100644
--- a/src/lib/libcrypto/asn1/x_name.c
+++ b/src/lib/libcrypto/asn1/x_name.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x_name.c,v 1.44 2024/07/08 14:48:49 beck Exp $ */
+/* $OpenBSD: x_name.c,v 1.45 2025/03/20 09:41:47 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -414,8 +414,10 @@ x509_name_encode(X509_NAME *a)
 			if (!entries)
 				goto memerr;
 			if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s,
-			    entries))
+			    entries)) {
+				sk_X509_NAME_ENTRY_free(entries);
 				goto memerr;
+			}
 			set = entry->set;
 		}
 		if (entries == NULL /* if entry->set is bogusly -1 */ ||
-- 
cgit v1.2.3-55-g6feb