[openssl] OpenSSL_1_1_1-stable update

Dr. Paul Dale pauli at openssl.org
Mon May 25 22:26:14 UTC 2020


The branch OpenSSL_1_1_1-stable has been updated
       via  b7bc412eafb4c252e640719f048d3ca293b64b0f (commit)
      from  1bde3c65baea32a3d87fe80f04f2f6594e74992d (commit)


- Log -----------------------------------------------------------------
commit b7bc412eafb4c252e640719f048d3ca293b64b0f
Author: Pauli <paul.dale at oracle.com>
Date:   Mon May 25 07:43:45 2020 +1000

    Coverity 1463830: Resource leaks (RESOURCE_LEAK)
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>
    Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
    (Merged from https://github.com/openssl/openssl/pull/11941)
    
    (cherry picked from commit bbc3c22c0e2b3b4b6f069712dc8322a48506b775)

-----------------------------------------------------------------------

Summary of changes:
 crypto/x509/x509_vfy.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 39e0c53de0..5bd3c4c159 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -377,6 +377,7 @@ static STACK_OF(X509) *lookup_certs_sk(X509_STORE_CTX *ctx, X509_NAME *nm)
         x = sk_X509_value(ctx->other_ctx, i);
         if (X509_NAME_cmp(nm, X509_get_subject_name(x)) == 0) {
             if (!X509_up_ref(x)) {
+                sk_X509_pop_free(sk, X509_free);
                 X509err(X509_F_LOOKUP_CERTS_SK, ERR_R_INTERNAL_ERROR);
                 ctx->error = X509_V_ERR_UNSPECIFIED;
                 return NULL;


More information about the openssl-commits mailing list