Fix a double free in ca command line
authorMatt Caswell <matt@openssl.org>
Mon, 10 Oct 2016 15:53:11 +0000 (16:53 +0100)
committerMatt Caswell <matt@openssl.org>
Fri, 28 Oct 2016 08:30:40 +0000 (09:30 +0100)
Providing a spkac file with no default section causes a double free.

Thanks to Brian Carpenter for reporting this issue.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 229bd12487f8576fc088dc4f641950ac33c62033)

apps/ca.c

index 03e08b4a636bf7f0dc1e869623c2c18c30cb1c0a..af7bb72e69c09217efc11b32616f0cca2cec59af 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1917,7 +1917,6 @@ static int certify_spkac(X509 **xret, const char *infile, EVP_PKEY *pkey,
     sk = CONF_get_section(parms, "default");
     if (sk_CONF_VALUE_num(sk) == 0) {
         BIO_printf(bio_err, "no name/value pairs found in %s\n", infile);
-        CONF_free(parms);
         goto end;
     }