do_dirname: Don't change gen on failures

[openssl.git] / crypto / x509v3 / v3_alt.c

diff --git a/crypto/x509v3/v3_alt.c b/crypto/x509v3/v3_alt.c
index 807867b918c62746ce9c8558222b122c56246d12..22ec202846ec23450441f131a7a2672e61cab483 100644 (file)
--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@@ -584,24 +584,26 @@ static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
 
 static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
 {
-    int ret;
-    STACK_OF(CONF_VALUE) *sk;
-    X509_NAME *nm;
+    int ret = 0;
+    STACK_OF(CONF_VALUE) *sk = NULL;
+    X509_NAME *nm = NULL;
     if (!(nm = X509_NAME_new()))
-        return 0;
+        goto err;
     sk = X509V3_get_section(ctx, value);
     if (!sk) {
         X509V3err(X509V3_F_DO_DIRNAME, X509V3_R_SECTION_NOT_FOUND);
         ERR_add_error_data(2, "section=", value);
-        X509_NAME_free(nm);
-        return 0;
+        goto err;
     }
     /* FIXME: should allow other character types... */
     ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC);
     if (!ret)
-        X509_NAME_free(nm);
+        goto err;
     gen->d.dirn = nm;
-    X509V3_section_free(ctx, sk);
 
+err:
+    if (ret == 0)
+        X509_NAME_free(nm);
+    X509V3_section_free(ctx, sk);
     return ret;
 }