If OPENSSL_sk_insert() calls OPENSSL_realloc() and it fails, it was leaking
the originally allocated memory.
Reviewed-by: Rich Salz <rsalz@openssl.org>
if (st->num_alloc <= (size_t)(st->num + 1)) {
size_t doub_num_alloc = st->num_alloc * 2;
if (st->num_alloc <= (size_t)(st->num + 1)) {
size_t doub_num_alloc = st->num_alloc * 2;
/* Overflow checks */
if (doub_num_alloc < st->num_alloc)
/* Overflow checks */
if (doub_num_alloc < st->num_alloc)
if (doub_num_alloc > SIZE_MAX / sizeof(char *))
return 0;
if (doub_num_alloc > SIZE_MAX / sizeof(char *))
return 0;
- st->data = OPENSSL_realloc((char *)st->data,
- sizeof(char *) * doub_num_alloc);
- if (st->data == NULL) {
- /*
- * Reset these counters to prevent subsequent operations on
- * (now non-existing) heap memory
- */
- st->num_alloc = 0;
- st->num = 0;
+ tmpdata = OPENSSL_realloc((char *)st->data,
+ sizeof(char *) * doub_num_alloc);
+ if (tmpdata == NULL)
st->num_alloc = doub_num_alloc;
}
if ((loc >= st->num) || (loc < 0)) {
st->num_alloc = doub_num_alloc;
}
if ((loc >= st->num) || (loc < 0)) {