Fix memory leaks in CA related functions.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4700)

diff --git a/apps/ca.c b/apps/ca.c
index ea774ad557ebfef4db0e0de221d695b8e429ebc0..afc5e349b4b9ed8fe3a217065f27b3bca27fba3f 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -934,10 +934,13 @@ end_of_options:
             if (j > 0) {
                 total_done++;
                 BIO_printf(bio_err, "\n");
             if (j > 0) {
                 total_done++;
                 BIO_printf(bio_err, "\n");

-                if (!BN_add_word(serial, 1))
+                if (!BN_add_word(serial, 1)) {
+                    X509_free(x);

                     goto end;
                     goto end;

+                }

                 if (!sk_X509_push(cert_sk, x)) {
                     BIO_printf(bio_err, "Memory allocation failure\n");
                 if (!sk_X509_push(cert_sk, x)) {
                     BIO_printf(bio_err, "Memory allocation failure\n");

+                    X509_free(x);

                     goto end;
                 }
             }
                     goto end;
                 }
             }

diff --git a/apps/verify.c b/apps/verify.c
index 5ad6ef4151c5360383316fd993fc925bb624ba83..38377a57e4a9f7ad5bfc2b968453e2554726d31f 100644 (file)
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -225,6 +225,7 @@ static int check(X509_STORE *ctx, const char *file,
 
     X509_STORE_set_flags(ctx, vflags);
     if (!X509_STORE_CTX_init(csc, ctx, x, uchain)) {
 
     X509_STORE_set_flags(ctx, vflags);
     if (!X509_STORE_CTX_init(csc, ctx, x, uchain)) {

+        X509_STORE_CTX_free(csc);

         printf("error %s: X.509 store context initialization failed\n",
                (file == NULL) ? "stdin" : file);
         goto end;
         printf("error %s: X.509 store context initialization failed\n",
                (file == NULL) ? "stdin" : file);
         goto end;

diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c
index ade54839bb77bc53f1b2b0a956c6e6d225081bc1..9606b7f2227c880b2ab56c4d1aea66b35b75ada6 100644 (file)
--- a/crypto/conf/conf_api.c
+++ b/crypto/conf/conf_api.c
@@ -204,12 +204,14 @@ CONF_VALUE *_CONF_new_section(CONF *conf, const char *section)
     v->value = (char *)sk;
 
     vv = lh_CONF_VALUE_insert(conf->data, v);
     v->value = (char *)sk;
 
     vv = lh_CONF_VALUE_insert(conf->data, v);

-    if (vv != NULL)
+    if (vv != NULL || lh_CONF_VALUE_error(conf->data) > 0)

         goto err;
     return v;
 
  err:
     sk_CONF_VALUE_free(sk);
         goto err;
     return v;
 
  err:
     sk_CONF_VALUE_free(sk);

+    if (v != NULL)
+        OPENSSL_free(v->section);

     OPENSSL_free(v);
     return NULL;
 }
     OPENSSL_free(v);
     return NULL;
 }

diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c
index 95736eda6a0de25f0d1822813db84a29b99bd957..9028319788fb014c3c998a7ec9a2508a07e69498 100644 (file)
--- a/crypto/engine/eng_lib.c
+++ b/crypto/engine/eng_lib.c
@@ -154,8 +154,10 @@ void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb)
     if (!int_cleanup_check(1))
         return;
     item = int_cleanup_item(cb);
     if (!int_cleanup_check(1))
         return;
     item = int_cleanup_item(cb);

-    if (item)
-        sk_ENGINE_CLEANUP_ITEM_push(cleanup_stack, item);
+    if (item != NULL) {
+        if (sk_ENGINE_CLEANUP_ITEM_push(cleanup_stack, item) <= 0)
+            OPENSSL_free(item);
+    }

 }
 
 /* The API function that performs all cleanup */
 }
 
 /* The API function that performs all cleanup */