summaryrefslogtreecommitdiff
path: root/lib/libcrypto/x509
diff options
context:
space:
mode:
authorTheo Buehler <tb@cvs.openbsd.org>2018-08-19 20:19:32 +0000
committerTheo Buehler <tb@cvs.openbsd.org>2018-08-19 20:19:32 +0000
commita65fe095c72c2e6ee753fb9f3d94a8682071b517 (patch)
tree3bbb548a997b441b18bd96bb6be07b50a2d38194 /lib/libcrypto/x509
parentf33d518c0fbea073b2fadaee8f2d8d962a60f34f (diff)
Don't leak sktmp in X509_verify_cert().
CID #118791 ok jsing mestre
Diffstat (limited to 'lib/libcrypto/x509')
-rw-r--r--lib/libcrypto/x509/x509_vfy.c10
1 files changed, 5 insertions, 5 deletions
diff --git a/lib/libcrypto/x509/x509_vfy.c b/lib/libcrypto/x509/x509_vfy.c
index 9b4c06310ae..e98272a6c39 100644
--- a/lib/libcrypto/x509/x509_vfy.c
+++ b/lib/libcrypto/x509/x509_vfy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.c,v 1.70 2018/04/08 16:57:57 beck Exp $ */
+/* $OpenBSD: x509_vfy.c,v 1.71 2018/08/19 20:19:31 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -496,9 +496,10 @@ X509_verify_cert(X509_STORE_CTX *ctx)
ctx->current_cert = x;
} else {
if (!sk_X509_push(ctx->chain, chain_ss)) {
- X509_free(chain_ss);
X509error(ERR_R_MALLOC_FAILURE);
- return 0;
+ ctx->error = X509_V_ERR_OUT_OF_MEM;
+ ok = 0;
+ goto end;
}
num++;
ctx->last_untrusted = num;
@@ -548,8 +549,7 @@ X509_verify_cert(X509_STORE_CTX *ctx)
ok = ctx->check_policy(ctx);
end:
- if (sktmp != NULL)
- sk_X509_free(sktmp);
+ sk_X509_free(sktmp);
X509_free(chain_ss);
/* Safety net, error returns must set ctx->error */