ssl_cert_dup: Fix memory leak
authorJonas Maebe <jonas.maebe@elis.ugent.be>
Mon, 2 Dec 2013 20:46:46 +0000 (21:46 +0100)
committerKurt Roeckx <kurt@roeckx.be>
Thu, 4 Dec 2014 22:48:44 +0000 (23:48 +0100)
Always use goto err on failure and call ssl_cert_free() on the error path so all
fields and "ret" itself are freed

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
ssl/ssl_cert.c

index f214baf..6dbf79a 100644 (file)
@@ -315,7 +315,7 @@ CERT *ssl_cert_dup(CERT *cert)
                        if (ret->pkeys[i].serverinfo == NULL)
                                {
                                SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
-                               return NULL;
+                               goto err;
                                }
                        ret->pkeys[i].serverinfo_length =
                                cert->pkeys[i].serverinfo_length;
@@ -403,28 +403,8 @@ CERT *ssl_cert_dup(CERT *cert)
 
        return(ret);
        
-#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_ECDH)
 err:
-#endif
-#ifndef OPENSSL_NO_RSA
-       if (ret->rsa_tmp != NULL)
-               RSA_free(ret->rsa_tmp);
-#endif
-#ifndef OPENSSL_NO_DH
-       if (ret->dh_tmp != NULL)
-               DH_free(ret->dh_tmp);
-#endif
-#ifndef OPENSSL_NO_ECDH
-       if (ret->ecdh_tmp != NULL)
-               EC_KEY_free(ret->ecdh_tmp);
-#endif
-
-#ifndef OPENSSL_NO_TLSEXT
-       custom_exts_free(&ret->cli_ext);
-       custom_exts_free(&ret->srv_ext);
-#endif
-
-       ssl_cert_clear_certs(ret);
+       ssl_cert_free(ret);
 
        return NULL;
        }