[openssl] OpenSSL_1_1_1-stable update

Matt Caswell matt at openssl.org
Wed Mar 13 09:56:25 UTC 2019


The branch OpenSSL_1_1_1-stable has been updated
       via  cd61ad38b54d22a3d17db9d679c24d9a602cb5d8 (commit)
      from  191570d0b94c88fa95b3c223456863448d697fce (commit)


- Log -----------------------------------------------------------------
commit cd61ad38b54d22a3d17db9d679c24d9a602cb5d8
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Mar 12 10:21:39 2019 +0000

    Fix memory leaks in pkread.c demo file
    
    Also make various changes to bring the file into line with current coding
    style.
    
    Fixes #8456
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    Reviewed-by: Paul Yang <yang.yang at baishancloud.com>
    (Merged from https://github.com/openssl/openssl/pull/8457)
    
    (cherry picked from commit 81cd023f1dc5a8c9094f8e91c1e85e3c9b98a551)

-----------------------------------------------------------------------

Summary of changes:
 demos/pkcs12/pkread.c | 46 +++++++++++++++++++++++++++-------------------
 1 file changed, 27 insertions(+), 19 deletions(-)

diff --git a/demos/pkcs12/pkread.c b/demos/pkcs12/pkread.c
index 3f7913b..32a899f 100644
--- a/demos/pkcs12/pkread.c
+++ b/demos/pkcs12/pkread.c
@@ -17,7 +17,7 @@
 
 static char *find_friendly_name(PKCS12 *p12)
 {
-    STACK_OF(PKCS7) *safes = PKCS12_unpack_authsafes(p12);
+    STACK_OF(PKCS7) *safes;
     int n, m;
     char *name = NULL;
     PKCS7 *safe;
@@ -48,56 +48,64 @@ static char *find_friendly_name(PKCS12 *p12)
 int main(int argc, char **argv)
 {
     FILE *fp;
-    EVP_PKEY *pkey;
-    X509 *cert;
+    EVP_PKEY *pkey = NULL;
+    X509 *cert = NULL;
     STACK_OF(X509) *ca = NULL;
-    PKCS12 *p12;
-    const char *name;
-    int i;
+    PKCS12 *p12 = NULL;
+    char *name = NULL;
+    int i, ret = EXIT_FAILURE;
 
     if (argc != 4) {
         fprintf(stderr, "Usage: pkread p12file password opfile\n");
-        exit(1);
+        exit(EXIT_FAILURE);
     }
-    OpenSSL_add_all_algorithms();
-    ERR_load_crypto_strings();
+
     if ((fp = fopen(argv[1], "rb")) == NULL) {
         fprintf(stderr, "Error opening file %s\n", argv[1]);
-        exit(1);
+        exit(EXIT_FAILURE);
     }
     p12 = d2i_PKCS12_fp(fp, NULL);
     fclose(fp);
-    if (!p12) {
+    if (p12 == NULL) {
         fprintf(stderr, "Error reading PKCS#12 file\n");
         ERR_print_errors_fp(stderr);
-        exit(1);
+        goto err;
     }
     if (!PKCS12_parse(p12, argv[2], &pkey, &cert, &ca)) {
         fprintf(stderr, "Error parsing PKCS#12 file\n");
         ERR_print_errors_fp(stderr);
-        exit(1);
+        goto err;
     }
     name = find_friendly_name(p12);
     PKCS12_free(p12);
     if ((fp = fopen(argv[3], "w")) == NULL) {
         fprintf(stderr, "Error opening file %s\n", argv[1]);
-        exit(1);
+        goto err;
     }
-    if (name)
+    if (name != NULL)
         fprintf(fp, "***Friendly Name***\n%s\n", name);
-    if (pkey) {
+    if (pkey != NULL) {
         fprintf(fp, "***Private Key***\n");
         PEM_write_PrivateKey(fp, pkey, NULL, NULL, 0, NULL, NULL);
     }
-    if (cert) {
+    if (cert != NULL) {
         fprintf(fp, "***User Certificate***\n");
         PEM_write_X509_AUX(fp, cert);
     }
-    if (ca && sk_X509_num(ca)) {
+    if (ca != NULL && sk_X509_num(ca) > 0) {
         fprintf(fp, "***Other Certificates***\n");
         for (i = 0; i < sk_X509_num(ca); i++)
             PEM_write_X509_AUX(fp, sk_X509_value(ca, i));
     }
     fclose(fp);
-    return 0;
+
+    ret = EXIT_SUCCESS;
+
+ err:
+    OPENSSL_free(name);
+    X509_free(cert);
+    EVP_PKEY_free(pkey);
+    sk_X509_pop_free(ca, X509_free);
+
+    return ret;
 }


More information about the openssl-commits mailing list