diff options
| author | Matt Caswell <matt@openssl.org> | 2016-04-27 17:50:14 +0200 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2016-06-01 19:00:53 +0200 |
| commit | 379a8ed1ffdbb0c8dbf89b2777b1b710f968db6e (patch) | |
| tree | 5ba3eaaf0b61ef0630d689bc65c74ca8b042b5ac /crypto/x509v3 | |
| parent | Don't leak memory from notice_section function on error path (diff) | |
| download | openssl-379a8ed1ffdbb0c8dbf89b2777b1b710f968db6e.tar.xz openssl-379a8ed1ffdbb0c8dbf89b2777b1b710f968db6e.zip | |
Don't leak memory in v2i_POLICY_MAPPINGS() on error path
The v2i_POLICY_MAPPINGS() function leaked ASN1_OBJECT pointers on error
paths.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto/x509v3')
| -rw-r--r-- | crypto/x509v3/v3_pmaps.c | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/crypto/x509v3/v3_pmaps.c b/crypto/x509v3/v3_pmaps.c index 959b678b12..73f4ec2467 100644 --- a/crypto/x509v3/v3_pmaps.c +++ b/crypto/x509v3/v3_pmaps.c @@ -64,9 +64,9 @@ static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(const X509V3_EXT_METHOD static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) { - POLICY_MAPPINGS *pmaps; - POLICY_MAPPING *pmap; - ASN1_OBJECT *obj1, *obj2; + POLICY_MAPPINGS *pmaps = NULL; + POLICY_MAPPING *pmap = NULL; + ASN1_OBJECT *obj1 = NULL, *obj2 = NULL; CONF_VALUE *val; int i; @@ -78,30 +78,33 @@ static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { val = sk_CONF_VALUE_value(nval, i); if (!val->value || !val->name) { - sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); - return NULL; + goto err; } obj1 = OBJ_txt2obj(val->name, 0); obj2 = OBJ_txt2obj(val->value, 0); if (!obj1 || !obj2) { - sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); - return NULL; + goto err; } pmap = POLICY_MAPPING_new(); if (pmap == NULL) { - sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE); - return NULL; + goto err; } pmap->issuerDomainPolicy = obj1; pmap->subjectDomainPolicy = obj2; + obj1 = obj2 = NULL; sk_POLICY_MAPPING_push(pmaps, pmap); } return pmaps; + err: + ASN1_OBJECT_free(obj1); + ASN1_OBJECT_free(obj2); + sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); + return NULL; } |