Fix error handling in X509_chain_up_ref

Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/9614) (cherry picked from commit cae665dfa6ccec743a7f39cf80676d7d2d787e56)
author: Bernd Edlinger <bernd.edlinger@hotmail.de> 2019-08-16 15:18:51 +0200
committer: Bernd Edlinger <bernd.edlinger@hotmail.de> 2019-08-17 16:51:32 +0200
commit: b14c6d9af475858c60f3d04abe7d87bd9f71d578 (patch)
tree: e887f188cdce4caae0cf2eaaa111df69a3102967
parent: b15a19c148384e73338aa7c5b12652138e35ed28 (diff)
download: openssl-new-b14c6d9af475858c60f3d04abe7d87bd9f71d578.tar.gz
1 files changed, 9 insertions, 1 deletions
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 49b0368dfc..4e74a74a51 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -451,9 +451,17 @@ STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain)
     STACK_OF(X509) *ret;
     int i;
     ret = sk_X509_dup(chain);
+    if (ret == NULL)
+        return NULL;
     for (i = 0; i < sk_X509_num(ret); i++) {
         X509 *x = sk_X509_value(ret, i);
-        X509_up_ref(x);
+        if (!X509_up_ref(x))
+            goto err;
     }
     return ret;
+ err:
+    while (i-- > 0)
+        X509_free (sk_X509_value(ret, i));
+    sk_X509_free(ret);
+    return NULL;
 }
author	Bernd Edlinger <bernd.edlinger@hotmail.de>	2019-08-16 15:18:51 +0200
committer	Bernd Edlinger <bernd.edlinger@hotmail.de>	2019-08-17 16:51:32 +0200
commit	b14c6d9af475858c60f3d04abe7d87bd9f71d578 (patch)
tree	e887f188cdce4caae0cf2eaaa111df69a3102967
parent	b15a19c148384e73338aa7c5b12652138e35ed28 (diff)
download	openssl-new-b14c6d9af475858c60f3d04abe7d87bd9f71d578.tar.gz