diff options
author | Pavel Kopyl <p.kopyl@samsung.com> | 2017-11-03 18:18:59 +0300 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2018-05-13 00:40:54 +0200 |
commit | 66e4a8944b894b9301226bad193a7d8ec330742d (patch) | |
tree | 0fdb9be941ae691568f3948afc7c59aa6b188354 | |
parent | f54b665e29a0ed8df2ea322a1f9e1b8057f13894 (diff) |
Fix memory leaks in CA related functions.
(cherry picked from commit aebd0e5ca12d1ba0b229a4121a54afa5ea2d8aa1)
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6238)
-rw-r--r-- | apps/ca.c | 5 | ||||
-rw-r--r-- | apps/verify.c | 1 | ||||
-rw-r--r-- | crypto/conf/conf_api.c | 2 | ||||
-rw-r--r-- | crypto/engine/eng_lib.c | 6 |
4 files changed, 11 insertions, 3 deletions
@@ -1176,10 +1176,13 @@ int MAIN(int argc, char **argv) if (j > 0) { total_done++; BIO_printf(bio_err, "\n"); - if (!BN_add_word(serial, 1)) + if (!BN_add_word(serial, 1)) { + X509_free(x); goto err; + } if (!sk_X509_push(cert_sk, x)) { BIO_printf(bio_err, "Memory allocation failure\n"); + X509_free(x); goto err; } } diff --git a/apps/verify.c b/apps/verify.c index c4bd197576..180ccf495c 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -277,6 +277,7 @@ static int check(X509_STORE *ctx, char *file, X509_STORE_set_flags(ctx, vflags); if (!X509_STORE_CTX_init(csc, ctx, x, uchain)) { ERR_print_errors(bio_err); + X509_STORE_CTX_free(csc); goto end; } if (tchain) diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c index 4cf7553376..60c9440120 100644 --- a/crypto/conf/conf_api.c +++ b/crypto/conf/conf_api.c @@ -290,6 +290,8 @@ CONF_VALUE *_CONF_new_section(CONF *conf, const char *section) vv = lh_CONF_VALUE_insert(conf->data, v); OPENSSL_assert(vv == NULL); + if (lh_CONF_VALUE_error(conf->data) > 0) + goto err; ok = 1; err: if (!ok) { diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c index dc2abd28ec..b7a899fe47 100644 --- a/crypto/engine/eng_lib.c +++ b/crypto/engine/eng_lib.c @@ -188,8 +188,10 @@ void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb) if (!int_cleanup_check(1)) return; item = int_cleanup_item(cb); - if (item) - sk_ENGINE_CLEANUP_ITEM_push(cleanup_stack, item); + if (item != NULL) { + if (sk_ENGINE_CLEANUP_ITEM_push(cleanup_stack, item) <= 0) + OPENSSL_free(item); + } } /* The API function that performs all cleanup */ |