Fix two leaks in X509_REQ_to_X509
authorFdaSilvaYY <fdasilvayy@gmail.com>
Wed, 16 Mar 2016 23:15:48 +0000 (00:15 +0100)
committerFdaSilvaYY <fdasilvayy@gmail.com>
Mon, 4 Apr 2016 17:02:51 +0000 (19:02 +0200)
Issue #182

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
crypto/x509/x509_r2x.c

index a6c5941..dc7e412 100644 (file)
@@ -70,10 +70,11 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
     X509 *ret = NULL;
     X509_CINF *xi = NULL;
     X509_NAME *xn;
+    EVP_PKEY *pubkey = NULL;
 
     if ((ret = X509_new()) == NULL) {
         X509err(X509_F_X509_REQ_TO_X509, ERR_R_MALLOC_FAILURE);
-        goto err;
+        return NULL;
     }
 
     /* duplicate the request */
@@ -89,9 +90,9 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
     }
 
     xn = X509_REQ_get_subject_name(r);
-    if (X509_set_subject_name(ret, X509_NAME_dup(xn)) == 0)
+    if (X509_set_subject_name(ret, xn) == 0)
         goto err;
-    if (X509_set_issuer_name(ret, X509_NAME_dup(xn)) == 0)
+    if (X509_set_issuer_name(ret, xn) == 0)
         goto err;
 
     if (X509_gmtime_adj(xi->validity.notBefore, 0) == NULL)
@@ -100,12 +101,21 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
         NULL)
         goto err;
 
-    X509_set_pubkey(ret, X509_REQ_get_pubkey(r));
+    pubkey = X509_REQ_get_pubkey(r);
+    if (pubkey == NULL)
+        goto err;
+
+    if (!X509_set_pubkey(ret, pubkey))
+        goto err_pkey;
+
+    EVP_PKEY_free(pubkey);
 
     if (!X509_sign(ret, pkey, EVP_md5()))
         goto err;
     return ret;
 
+ err_pkey:
+    EVP_PKEY_free(pubkey);
  err:
     X509_free(ret);
     return NULL;