fix potential memory leak + improved error checking

PR: 1182

diff --git a/crypto/x509v3/v3_cpols.c b/crypto/x509v3/v3_cpols.c
index 9784b1421ace7ceaadc9e38fadd74f72cdc12818..e5b8c5a1acc2af779a0ed7881117d47d6a1e0884 100644 (file)
--- a/crypto/x509v3/v3_cpols.c
+++ b/crypto/x509v3/v3_cpols.c
@@ -139,7 +139,15 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
        CONF_VALUE *cnf;
        int i, ia5org;
        pols = sk_POLICYINFO_new_null();
        CONF_VALUE *cnf;
        int i, ia5org;
        pols = sk_POLICYINFO_new_null();

+       if (pols == NULL) {
+               X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE);
+               return NULL;
+       }

        vals =  X509V3_parse_list(value);
        vals =  X509V3_parse_list(value);

+       if (vals == NULL) {
+               X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_X509V3_LIB);
+               goto err;
+       }

        ia5org = 0;
        for(i = 0; i < sk_CONF_VALUE_num(vals); i++) {
                cnf = sk_CONF_VALUE_value(vals, i);
        ia5org = 0;
        for(i = 0; i < sk_CONF_VALUE_num(vals); i++) {
                cnf = sk_CONF_VALUE_value(vals, i);


@@ -178,6 +186,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
        sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
        return pols;
        err:
        sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
        return pols;
        err:

+       sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);

        sk_POLICYINFO_pop_free(pols, POLICYINFO_free);
        return NULL;
 }
        sk_POLICYINFO_pop_free(pols, POLICYINFO_free);
        return NULL;
 }