Fix memory leak in crltest error case
authorBenjamin Kaduk <bkaduk@akamai.com>
Fri, 27 Oct 2017 14:52:06 +0000 (09:52 -0500)
committerBen Kaduk <kaduk@mit.edu>
Mon, 30 Oct 2017 15:38:01 +0000 (10:38 -0500)
This would cut out some distracting noise in the test output
if we ended up hitting these error cases.

Reported by Coverity.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/4602)

test/crltest.c

index 5ea9cdc..738ca23 100644 (file)
@@ -267,6 +267,7 @@ static int verify(X509 *leaf, X509 *root, STACK_OF(X509_CRL) *crls,
     if (flags)
         X509_VERIFY_PARAM_set_flags(param, flags);
     X509_STORE_CTX_set0_param(ctx, param);
+    param = NULL;
 
     ERR_clear_error();
     status = X509_verify_cert(ctx) == 1 ? X509_V_OK
@@ -274,6 +275,7 @@ static int verify(X509 *leaf, X509 *root, STACK_OF(X509_CRL) *crls,
 err:
     sk_X509_pop_free(roots, X509_free);
     sk_X509_CRL_pop_free(crls, X509_CRL_free);
+    X509_VERIFY_PARAM_free(param);
     X509_STORE_CTX_free(ctx);
     X509_STORE_free(store);
     return status;