From e8ea76a11af489c64a364323e8d0402a41f9cb90 Mon Sep 17 00:00:00 2001
From: tedu <>
Date: Wed, 14 Oct 2015 21:12:10 +0000
Subject: fix a memory leak reported by Qualys Security. move the bndec
 variable in tighter since it's not used elsewhere in the loop, then always
 free it after use. ok bcook miod

---
 src/lib/libcrypto/objects/obj_dat.c         | 7 ++++---
 src/lib/libssl/src/crypto/objects/obj_dat.c | 7 ++++---
 2 files changed, 8 insertions(+), 6 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/objects/obj_dat.c b/src/lib/libcrypto/objects/obj_dat.c
index 82ebb9b1d2..dab860d85c 100644
--- a/src/lib/libcrypto/objects/obj_dat.c
+++ b/src/lib/libcrypto/objects/obj_dat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: obj_dat.c,v 1.32 2015/10/14 21:02:08 beck Exp $ */
+/* $OpenBSD: obj_dat.c,v 1.33 2015/10/14 21:12:10 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -491,7 +491,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
 {
 	int i, ret = 0, len, nid, first = 1, use_bn;
 	BIGNUM *bl = NULL;
-	char *bndec = NULL;
 	unsigned long l;
 	const unsigned char *p;
 
@@ -567,10 +566,13 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
 		}
 
 		if (use_bn) {
+			char *bndec;
+
 			bndec = BN_bn2dec(bl);
 			if (!bndec)
 				goto err;
 			i = snprintf(buf, buf_len, ".%s", bndec);
+			free(bndec);
 			if (i == -1)
 				goto err;
 			if (i >= buf_len) {
@@ -598,7 +600,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
 	}
 
 out:
-	free(bndec);
 	BN_free(bl);
 	return ret;
 
diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.c b/src/lib/libssl/src/crypto/objects/obj_dat.c
index 82ebb9b1d2..dab860d85c 100644
--- a/src/lib/libssl/src/crypto/objects/obj_dat.c
+++ b/src/lib/libssl/src/crypto/objects/obj_dat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: obj_dat.c,v 1.32 2015/10/14 21:02:08 beck Exp $ */
+/* $OpenBSD: obj_dat.c,v 1.33 2015/10/14 21:12:10 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -491,7 +491,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
 {
 	int i, ret = 0, len, nid, first = 1, use_bn;
 	BIGNUM *bl = NULL;
-	char *bndec = NULL;
 	unsigned long l;
 	const unsigned char *p;
 
@@ -567,10 +566,13 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
 		}
 
 		if (use_bn) {
+			char *bndec;
+
 			bndec = BN_bn2dec(bl);
 			if (!bndec)
 				goto err;
 			i = snprintf(buf, buf_len, ".%s", bndec);
+			free(bndec);
 			if (i == -1)
 				goto err;
 			if (i >= buf_len) {
@@ -598,7 +600,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
 	}
 
 out:
-	free(bndec);
 	BN_free(bl);
 	return ret;
 
-- 
cgit v1.2.3-55-g6feb