diff options
author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2019-08-16 15:18:51 +0200 |
---|---|---|
committer | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2019-08-17 16:51:32 +0200 |
commit | b14c6d9af475858c60f3d04abe7d87bd9f71d578 (patch) | |
tree | e887f188cdce4caae0cf2eaaa111df69a3102967 | |
parent | b15a19c148384e73338aa7c5b12652138e35ed28 (diff) | |
download | openssl-new-b14c6d9af475858c60f3d04abe7d87bd9f71d578.tar.gz |
Fix error handling in X509_chain_up_ref
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9614)
(cherry picked from commit cae665dfa6ccec743a7f39cf80676d7d2d787e56)
-rw-r--r-- | crypto/x509/x509_cmp.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index 49b0368dfc..4e74a74a51 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -451,9 +451,17 @@ STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain) STACK_OF(X509) *ret; int i; ret = sk_X509_dup(chain); + if (ret == NULL) + return NULL; for (i = 0; i < sk_X509_num(ret); i++) { X509 *x = sk_X509_value(ret, i); - X509_up_ref(x); + if (!X509_up_ref(x)) + goto err; } return ret; + err: + while (i-- > 0) + X509_free (sk_X509_value(ret, i)); + sk_X509_free(ret); + return NULL; } |