[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Wed Jul 20 05:27:53 UTC 2016
The branch master has been updated
via 415e7c488e09119a42be24129e38ddd43524ee06 (commit)
from 52eede5a970fdb30c4ed6d3663e51f36bd1b1c73 (commit)
- Log -----------------------------------------------------------------
commit 415e7c488e09119a42be24129e38ddd43524ee06
Author: Todd Short <tshort at akamai.com>
Date: Tue Jul 5 09:59:29 2016 -0400
OCSP_request_add0_id() inconsistent error return
There are two failure cases for OCSP_request_add_id():
1. OCSP_ONEREQ_new() failure, where |cid| is not freed
2. sk_OCSP_ONEREQ_push() failure, where |cid| is freed
This changes makes the error behavior consistent, such that |cid| is
not freed when sk_OCSP_ONEREQ_push() fails. OpenSSL only takes
ownership of |cid| when the function succeeds.
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1289)
-----------------------------------------------------------------------
Summary of changes:
crypto/ocsp/ocsp_cl.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/crypto/ocsp/ocsp_cl.c b/crypto/ocsp/ocsp_cl.c
index d0ee057..12d5bef 100644
--- a/crypto/ocsp/ocsp_cl.c
+++ b/crypto/ocsp/ocsp_cl.c
@@ -35,8 +35,10 @@ OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid)
return NULL;
OCSP_CERTID_free(one->reqCert);
one->reqCert = cid;
- if (req && !sk_OCSP_ONEREQ_push(req->tbsRequest.requestList, one))
+ if (req && !sk_OCSP_ONEREQ_push(req->tbsRequest.requestList, one)) {
+ one->reqCert = NULL; /* do not free on error */
goto err;
+ }
return one;
err:
OCSP_ONEREQ_free(one);
More information about the openssl-commits
mailing list