Don't leak memory in v2i_AUTHORITY_KEYID
authorMatt Caswell <matt@openssl.org>
Wed, 27 Apr 2016 14:03:26 +0000 (15:03 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 1 Jun 2016 17:00:53 +0000 (18:00 +0100)
The v2i_AUTHORITY_KEYID() function can leak memory under an error
condition.

Reviewed-by: Richard Levitte <levitte@openssl.org>
crypto/x509v3/v3_akey.c

index a7d0b29..d9f7704 100644 (file)
@@ -143,12 +143,16 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
     }
 
     akeyid->issuer = gens;
+    gen = NULL;
+    gens = NULL;
     akeyid->serial = serial;
     akeyid->keyid = ikeyid;
 
     return akeyid;
 
  err:
+    sk_GENERAL_NAME_free(gens);
+    GENERAL_NAME_free(gen);
     X509_NAME_free(isname);
     ASN1_INTEGER_free(serial);
     ASN1_OCTET_STRING_free(ikeyid);