From ec57fdc156a48ca221514719980c70c4cdfb06e5 Mon Sep 17 00:00:00 2001 From: miod <> Date: Wed, 15 Jul 2015 17:02:03 +0000 Subject: Memory leak; Coverity CID 78836 ok beck@ --- src/lib/libcrypto/x509v3/pcy_tree.c | 14 ++++++++------ src/lib/libssl/src/crypto/x509v3/pcy_tree.c | 14 ++++++++------ 2 files changed, 16 insertions(+), 12 deletions(-) (limited to 'src') diff --git a/src/lib/libcrypto/x509v3/pcy_tree.c b/src/lib/libcrypto/x509v3/pcy_tree.c index fa0e161562..9e54f233ad 100644 --- a/src/lib/libcrypto/x509v3/pcy_tree.c +++ b/src/lib/libcrypto/x509v3/pcy_tree.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pcy_tree.c,v 1.13 2015/02/07 13:19:15 doug Exp $ */ +/* $OpenBSD: pcy_tree.c,v 1.14 2015/07/15 17:02:03 miod Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ @@ -669,7 +669,7 @@ X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy, STACK_OF(X509) *certs, STACK_OF(ASN1_OBJECT) *policy_oids, unsigned int flags) { - int ret; + int ret, ret2; X509_POLICY_TREE *tree = NULL; STACK_OF(X509_POLICY_NODE) *nodes, *auth_nodes = NULL; @@ -739,16 +739,18 @@ X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy, /* Tree is not empty: continue */ ret = tree_calculate_authority_set(tree, &auth_nodes); - - if (!ret) + if (ret == 0) goto error; - if (!tree_calculate_user_set(tree, policy_oids, auth_nodes)) - goto error; + ret2 = tree_calculate_user_set(tree, policy_oids, auth_nodes); + /* Return value 2 means auth_nodes needs to be freed */ if (ret == 2) sk_X509_POLICY_NODE_free(auth_nodes); + if (ret2 == 0) + goto error; + if (tree) *ptree = tree; diff --git a/src/lib/libssl/src/crypto/x509v3/pcy_tree.c b/src/lib/libssl/src/crypto/x509v3/pcy_tree.c index fa0e161562..9e54f233ad 100644 --- a/src/lib/libssl/src/crypto/x509v3/pcy_tree.c +++ b/src/lib/libssl/src/crypto/x509v3/pcy_tree.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pcy_tree.c,v 1.13 2015/02/07 13:19:15 doug Exp $ */ +/* $OpenBSD: pcy_tree.c,v 1.14 2015/07/15 17:02:03 miod Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ @@ -669,7 +669,7 @@ X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy, STACK_OF(X509) *certs, STACK_OF(ASN1_OBJECT) *policy_oids, unsigned int flags) { - int ret; + int ret, ret2; X509_POLICY_TREE *tree = NULL; STACK_OF(X509_POLICY_NODE) *nodes, *auth_nodes = NULL; @@ -739,16 +739,18 @@ X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy, /* Tree is not empty: continue */ ret = tree_calculate_authority_set(tree, &auth_nodes); - - if (!ret) + if (ret == 0) goto error; - if (!tree_calculate_user_set(tree, policy_oids, auth_nodes)) - goto error; + ret2 = tree_calculate_user_set(tree, policy_oids, auth_nodes); + /* Return value 2 means auth_nodes needs to be freed */ if (ret == 2) sk_X509_POLICY_NODE_free(auth_nodes); + if (ret2 == 0) + goto error; + if (tree) *ptree = tree; -- cgit v1.2.3-55-g6feb