Fix a mem leak on an error path in OBJ_NAME_add()

If lh_OBJ_NAME_insert() fails then the allocated |onp| value is leaked.

RT#2238

Reviewed-by: Richard Levitte <levitte@openssl.org>

diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c
index e43fb30a760464a6e1d45bbd9edfeec4ecedb25a..c655a908ddb8560cf76f73570a9f71d39d624d7d 100644 (file)
--- a/crypto/objects/o_names.c
+++ b/crypto/objects/o_names.c
@@ -191,7 +191,7 @@ int OBJ_NAME_add(const char *name, int type, const char *data)
     onp = OPENSSL_malloc(sizeof(*onp));
     if (onp == NULL) {
         /* ERROR */
     onp = OPENSSL_malloc(sizeof(*onp));
     if (onp == NULL) {
         /* ERROR */

-        return (0);
+        return 0;

     }
 
     onp->name = name;
     }
 
     onp->name = name;


@@ -216,10 +216,11 @@ int OBJ_NAME_add(const char *name, int type, const char *data)
     } else {
         if (lh_OBJ_NAME_error(names_lh)) {
             /* ERROR */
     } else {
         if (lh_OBJ_NAME_error(names_lh)) {
             /* ERROR */

-            return (0);
+            OPENSSL_free(onp);
+            return 0;

         }
     }
         }
     }

-    return (1);
+    return 1;

 }
 
 int OBJ_NAME_remove(const char *name, int type)
 }
 
 int OBJ_NAME_remove(const char *name, int type)