Skip to content

Commit

Permalink
Fix a possible memleak in opt_verify
Browse files Browse the repository at this point in the history 
The ASN1_OBJECT otmp was leaked if X509_VERIFY_PARAM_add0_policy fails.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from #22922)

(cherry picked from commit d6688e4)
  • Loading branch information
@bernd-edlinger @t8m
bernd-edlinger authored and t8m committed Dec 12, 2023
1 parent fd741c6 commit a9c4bb0
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion apps/lib/opt.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -696,7 +696,12 @@ int opt_verify(int opt, X509_VERIFY_PARAM *vpm)
opt_printf_stderr("%s: Invalid Policy %s\n", prog, opt_arg());
return 0;
}
X509_VERIFY_PARAM_add0_policy(vpm, otmp);
if (!X509_VERIFY_PARAM_add0_policy(vpm, otmp)) {
ASN1_OBJECT_free(otmp);
opt_printf_stderr("%s: Internal error adding Policy %s\n",
prog, opt_arg());
return 0;
}
break;
case OPT_V_PURPOSE:
/* purpose name -> purpose index */
Expand Down

0 comments on commit a9c4bb0

Please sign in to comment.