Skip to content

Commit

Permalink
Fix the error handling in i2v_AUTHORITY_KEYID
Browse files Browse the repository at this point in the history
Previously if an error path is entered a leak could result.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
  • Loading branch information
mattcaswell committed Aug 24, 2021
1 parent d9bfd68 commit 8c74c9d
Show file tree
Hide file tree
Showing 2 changed files with 33 additions and 5 deletions.
38 changes: 33 additions & 5 deletions crypto/x509v3/v3_akey.c
Original file line number Diff line number Diff line change
Expand Up @@ -39,20 +39,48 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
STACK_OF(CONF_VALUE)
*extlist)
{
char *tmp;
char *tmp = NULL;
STACK_OF(CONF_VALUE) *origextlist = extlist, *tmpextlist;

if (akeyid->keyid) {
tmp = OPENSSL_buf2hexstr(akeyid->keyid->data, akeyid->keyid->length);
X509V3_add_value("keyid", tmp, &extlist);
if (tmp == NULL) {
X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE);
return NULL;
}
if (!X509V3_add_value("keyid", tmp, &extlist)) {
OPENSSL_free(tmp);
X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_X509_LIB);
goto err;
}
OPENSSL_free(tmp);
}
if (akeyid->issuer)
extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
if (akeyid->issuer) {
tmpextlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
if (tmpextlist == NULL) {
X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_X509_LIB);
goto err;
}
extlist = tmpextlist;
}
if (akeyid->serial) {
tmp = OPENSSL_buf2hexstr(akeyid->serial->data, akeyid->serial->length);
X509V3_add_value("serial", tmp, &extlist);
if (tmp == NULL) {
X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!X509V3_add_value("serial", tmp, &extlist)) {
OPENSSL_free(tmp);
X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_X509_LIB);
goto err;
}
OPENSSL_free(tmp);
}
return extlist;
err:
if (origextlist == NULL)
sk_CONF_VALUE_pop_free(extlist, X509V3_conf_free);
return NULL;
}

/*-
Expand Down
Binary file not shown.

0 comments on commit 8c74c9d

Please sign in to comment.