Minor Issue with X509_STORE_CTX_init and its callers.
Srinivas Koripella
skoripella at juniper.net
Tue Dec 22 04:33:30 UTC 2015
Hello all,
There is a minor issue with X509_STORE_CTX_init and its usage. Most of the callers of X509_STORE_CTX_init use a stack variable and pass its address as the ctx argument to this function. However, X509_STORE_CTX_init in case of an error in the call to CRYPTO_new_ex_data does an OPENSSL_free on this stack variable. This in theory should be ok as the underlying free implementation should probably be a no-op as this address is from the stack.
However, on systems that do strict checks on allocated memory heap this can be a problem. One potential fix could be to remove the OPENSSL_free and let the caller take responsibility for his memory.
Thanks.
Srinivas
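The ownership problem described in the message, as an added example that is not part of the original post and is not OpenSSL code: `demo_ctx`, the tracking allocator, and both init functions are hypothetical stand-ins, and the `CRYPTO_new_ex_data` failure is simulated with a flag. The tracking allocator plays the role of a heap that validates every free, so the invalid free is counted rather than executed.

```c
#include <stdlib.h>
#include <string.h>

typedef struct { int initialised; } demo_ctx; /* hypothetical stand-in, not OpenSSL's type */

/* Constructed tracking allocator: models a heap that validates every free. */
static void *live[16];
static int bad_frees;

static void *tracked_malloc(size_t n) {
    void *p = malloc(n);
    for (int i = 0; p && i < 16; i++)
        if (!live[i]) { live[i] = p; return p; }
    free(p);                       /* table full or malloc failed */
    return NULL;
}

static void tracked_free(void *p) {
    for (int i = 0; p && i < 16; i++)
        if (live[i] == p) { live[i] = NULL; free(p); return; }
    if (p) bad_frees++;            /* a strict allocator would abort here */
}

/* Pattern from the report: init frees ctx on error although it never allocated it. */
static int init_frees_ctx(demo_ctx *ctx, int fail) {
    memset(ctx, 0, sizeof(*ctx));
    if (fail) { tracked_free(ctx); return 0; }
    ctx->initialised = 1;
    return 1;
}

/* Suggested fix: report the failure and leave the memory to the caller. */
static int init_caller_owns(demo_ctx *ctx, int fail) {
    memset(ctx, 0, sizeof(*ctx));
    ctx->initialised = !fail;
    return !fail;
}

/* Drives the error path; returns how many frees hit memory the heap never issued. */
int count_bad_frees(int use_fixed, int on_heap) {
    demo_ctx stack_ctx;
    demo_ctx *ctx = on_heap ? tracked_malloc(sizeof(*ctx)) : &stack_ctx;
    if (!ctx) return -1;
    bad_frees = 0;
    int ok = use_fixed ? init_caller_owns(ctx, 1) : init_frees_ctx(ctx, 1);
    if (use_fixed && on_heap) tracked_free(ctx);   /* caller releases its own memory */
    return ok ? -1 : bad_frees;
}
```

With the first pattern a heap-allocated context is also released inside init, so a caller that frees it again after the failure would double free; the caller-owns variant avoids both cases.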