do_ext_i2d: free ext_der or ext_oct on error path
authorJonas Maebe <jonas.maebe@elis.ugent.be>
Sun, 8 Dec 2013 21:47:45 +0000 (22:47 +0100)
committerKurt Roeckx <kurt@roeckx.be>
Sun, 17 Aug 2014 16:56:24 +0000 (18:56 +0200)
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
crypto/x509v3/v3_conf.c

index b570b6e..6e9beef 100644 (file)
@@ -175,9 +175,9 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
 static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid,
                                  int crit, void *ext_struc)
        {
-       unsigned char *ext_der;
+       unsigned char *ext_der = NULL;
        int ext_len;
-       ASN1_OCTET_STRING *ext_oct;
+       ASN1_OCTET_STRING *ext_oct = NULL;
        X509_EXTENSION *ext;
        /* Convert internal representation to DER */
        if (method->it)
@@ -196,6 +196,7 @@ static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid,
                }
        if (!(ext_oct = M_ASN1_OCTET_STRING_new())) goto merr;
        ext_oct->data = ext_der;
+       ext_der = NULL;
        ext_oct->length = ext_len;
 
        ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct);
@@ -206,6 +207,10 @@ static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid,
 
        merr:
        X509V3err(X509V3_F_DO_EXT_I2D,ERR_R_MALLOC_FAILURE);
+       if (ext_der != NULL)
+               OPENSSL_free(ext_der);
+       if (ext_oct != NULL)
+               M_ASN1_OCTET_STRING_free(ext_oct);
        return NULL;
 
        }