Fix memory leak on bad inputs.

author Bodo Möller <bodo@openssl.org>

Mon, 5 Sep 2011 09:57:20 +0000 (09:57 +0000)

committer Bodo Möller <bodo@openssl.org>

Mon, 5 Sep 2011 09:57:20 +0000 (09:57 +0000)
author Bodo Möller <bodo@openssl.org>
Mon, 5 Sep 2011 09:57:20 +0000 (09:57 +0000)
committer Bodo Möller <bodo@openssl.org>
Mon, 5 Sep 2011 09:57:20 +0000 (09:57 +0000)
diff --git a/CHANGES b/CHANGES

index b8dde65d40f26a9e3cb9f9e95db6ffdd33a70700..98992f5a12d8b7909197f46e15895a07b56227fd 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -418,6 +418,9 @@
  
   Changes between 1.0.0d and 1.0.0e [xx XXX xxxx]
  
+  *) Fix x509_name_ex_d2i memory leak on bad inputs.
+     [Bodo Moeller]
+
    *) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check
       signature public key algorithm by using OID xref utilities instead.
       Before this you could only use some ECC ciphersuites with SHA1 only.
@@ -1312,6 +1315,9 @@
    
   Changes between 0.9.8r and 0.9.8s [xx XXX xxxx]
  
+  *) Fix x509_name_ex_d2i memory leak on bad inputs.
+     [Bodo Moeller]
+
    *) Add protection against ECDSA timing attacks as mentioned in the paper
       by Billy Bob Brumley and Nicola Tuveri, see:
  
diff --git a/crypto/asn1/x_name.c b/crypto/asn1/x_name.c

index 063bf7c16bfbe0490aa6c9d6aaf7a180be6b8173..49be08b4daab7d43ba4ccaebd5f164e261264cd9 100644 (file)
--- a/crypto/asn1/x_name.c
+++ b/crypto/asn1/x_name.c
@@ -214,7 +214,9 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
         *val = nm.a;
         *in = p;
         return ret;
-       err:
+err:
+        if (nm.x != NULL)
+               X509_NAME_free(nm.x);
         ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
         return 0;
  }
author	Bodo Möller <bodo@openssl.org>
	Mon, 5 Sep 2011 09:57:20 +0000 (09:57 +0000)
committer	Bodo Möller <bodo@openssl.org>
	Mon, 5 Sep 2011 09:57:20 +0000 (09:57 +0000)
CHANGES		patch \| blob \| history
crypto/asn1/x_name.c		patch \| blob \| history