X509 verification fixes.

[openssl.git] / crypto / x509v3 / pcy_data.c

diff --git a/crypto/x509v3/pcy_data.c b/crypto/x509v3/pcy_data.c
index 614d2b493550790436833e950b880b98ca27450b..4711b1ee927b9d824ded08083e0b7be7a4e327f8 100644 (file)
--- a/crypto/x509v3/pcy_data.c
+++ b/crypto/x509v3/pcy_data.c
@@ -87,6 +87,12 @@ X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, ASN1_OBJECT *id, int crit)
        X509_POLICY_DATA *ret;
        if (!policy && !id)
                return NULL;
+       if (id)
+               {
+               id = OBJ_dup(id);
+               if (!id)
+                       return NULL;
+               }
        ret = OPENSSL_malloc(sizeof(X509_POLICY_DATA));
        if (!ret)
                return NULL;
@@ -94,6 +100,8 @@ X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, ASN1_OBJECT *id, int crit)
        if (!ret->expected_policy_set)
                {
                OPENSSL_free(ret);
+               if (id)
+                       ASN1_OBJECT_free(id);
                return NULL;
                }