Fix some resource leaks in the apps
authorMatt Caswell <matt@openssl.org>
Wed, 24 Aug 2016 10:22:47 +0000 (11:22 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 24 Aug 2016 10:22:47 +0000 (11:22 +0100)
Reviewed-by: Tim Hudson <tjh@openssl.org>
apps/cms.c
apps/req.c
apps/spkac.c
apps/x509.c

index 52186d2..9c41a97 100644 (file)
@@ -412,6 +412,11 @@ int cms_main(int argc, char **argv)
             noout = print = 1;
             break;
         case OPT_SECRETKEY:
+            if (secret_key != NULL) {
+                /* Cannot be supplied twice */
+                BIO_printf(bio_err, "Invalid key %s\n", opt_arg());
+                goto opthelp;
+            }
             secret_key = OPENSSL_hexstr2buf(opt_arg(), &ltmp);
             if (secret_key == NULL) {
                 BIO_printf(bio_err, "Invalid key %s\n", opt_arg());
@@ -420,6 +425,11 @@ int cms_main(int argc, char **argv)
             secret_keylen = (size_t)ltmp;
             break;
         case OPT_SECRETKEYID:
+            if (secret_keyid != NULL) {
+                /* Cannot be supplied twice */
+                BIO_printf(bio_err, "Invalid id %s\n", opt_arg());
+                goto opthelp;
+            }
             secret_keyid = OPENSSL_hexstr2buf(opt_arg(), &ltmp);
             if (secret_keyid == NULL) {
                 BIO_printf(bio_err, "Invalid id %s\n", opt_arg());
@@ -431,6 +441,11 @@ int cms_main(int argc, char **argv)
             pwri_pass = (unsigned char *)opt_arg();
             break;
         case OPT_ECONTENT_TYPE:
+            if (econtent_type != NULL) {
+                /* Cannot be supplied twice */
+                BIO_printf(bio_err, "Invalid OID %s\n", opt_arg());
+                goto opthelp;
+            }
             econtent_type = OBJ_txt2obj(opt_arg(), 0);
             if (econtent_type == NULL) {
                 BIO_printf(bio_err, "Invalid OID %s\n", opt_arg());
index 2666124..fb37f7d 100644 (file)
@@ -295,6 +295,10 @@ int req_main(int argc, char **argv)
             days = atoi(opt_arg());
             break;
         case OPT_SET_SERIAL:
+            if (serial != NULL) {
+                /* Cannot be supplied twice */
+                goto opthelp;
+            }
             serial = s2i_ASN1_INTEGER(NULL, opt_arg());
             if (serial == NULL)
                 goto opthelp;
index b6fc46d..a365406 100644 (file)
@@ -130,8 +130,10 @@ int spkac_main(int argc, char **argv)
         spkstr = NETSCAPE_SPKI_b64_encode(spki);
 
         out = bio_open_default(outfile, 'w', FORMAT_TEXT);
-        if (out == NULL)
+        if (out == NULL) {
+            OPENSSL_free(spkstr);
             goto end;
+        }
         BIO_printf(out, "SPKAC=%s\n", spkstr);
         OPENSSL_free(spkstr);
         ret = 0;
index 05aa554..9e51012 100644 (file)
@@ -261,6 +261,10 @@ int x509_main(int argc, char **argv)
             CAserial = opt_arg();
             break;
         case OPT_SET_SERIAL:
+            if (sno != NULL) {
+                /* Cannot be supplied twice */
+                goto opthelp;
+            }
             if ((sno = s2i_ASN1_INTEGER(NULL, opt_arg())) == NULL)
                 goto opthelp;
             break;