root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

x509: fix mem leak on error path 

The x509_store_add() creates X509_OBJECT wrapping either X509 or
X509_CRL. However, if you set the type to X509_LU_NONE before
X509_OBJECT_free then it skips the free on the wrapped type and just
calls OPENSSL_free on the object itself. Hence, leaking wrapped
object.

Signed-off-by: Nikola Pajkovsky <nikolap@openssl.org>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28631)
This commit is contained in:
Nikola Pajkovsky 2025-09-22 12:17:16 +02:00 committed by Tomas Mraz
parent 0a6b53ac87
commit 8a4ef31f3a
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
crypto/x509/x509_lu.c
View File

@ -408,7 +408,6 @@ static int x509_store_add(X509_STORE *store, void *x, int crl)
} }
if (!X509_STORE_lock(store)) { if (!X509_STORE_lock(store)) {
obj->type = X509_LU_NONE;
X509_OBJECT_free(obj); X509_OBJECT_free(obj);
return 0; return 0;
} }