[openssl] openssl-3.0 update

tomas at openssl.org tomas at openssl.org
Fri Dec 17 14:10:38 UTC 2021


The branch openssl-3.0 has been updated
       via  1d02ce4f3793e51d16d1653c562d051755e24ee2 (commit)
      from  b115e29f02cb66f5452fc72182228071e604a794 (commit)


- Log -----------------------------------------------------------------
commit 1d02ce4f3793e51d16d1653c562d051755e24ee2
Author: Peiwei Hu <jlu.hpw at foxmail.com>
Date:   Wed Dec 15 16:24:21 2021 +0800

    X509_STORE_new: memory needs to be freed
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/17278)
    
    (cherry picked from commit c81eed84e4e9025e933778f5e8326b1e4435e094)

-----------------------------------------------------------------------

Summary of changes:
 demos/cms/cms_ver.c | 13 ++++++++-----
 demos/smime/smver.c | 14 +++++++++-----
 2 files changed, 17 insertions(+), 10 deletions(-)

diff --git a/demos/cms/cms_ver.c b/demos/cms/cms_ver.c
index cd2b01e1b0..3c0a7aa19e 100644
--- a/demos/cms/cms_ver.c
+++ b/demos/cms/cms_ver.c
@@ -27,16 +27,18 @@ int main(int argc, char **argv)
     /* Set up trusted CA certificate store */
 
     st = X509_STORE_new();
+    if (st == NULL)
+        goto err;
 
     /* Read in CA certificate */
     tbio = BIO_new_file("cacert.pem", "r");
 
-    if (!tbio)
+    if (tbio == NULL)
         goto err;
 
     cacert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
 
-    if (!cacert)
+    if (cacert == NULL)
         goto err;
 
     if (!X509_STORE_add_cert(st, cacert))
@@ -46,18 +48,18 @@ int main(int argc, char **argv)
 
     in = BIO_new_file("smout.txt", "r");
 
-    if (!in)
+    if (in == NULL)
         goto err;
 
     /* parse message */
     cms = SMIME_read_CMS(in, &cont);
 
-    if (!cms)
+    if (cms == NULL)
         goto err;
 
     /* File to output verified content to */
     out = BIO_new_file("smver.txt", "w");
-    if (!out)
+    if (out == NULL)
         goto err;
 
     if (!CMS_verify(cms, NULL, st, cont, out, 0)) {
@@ -76,6 +78,7 @@ int main(int argc, char **argv)
         ERR_print_errors_fp(stderr);
     }
 
+    X509_STORE_free(st);
     CMS_ContentInfo_free(cms);
     X509_free(cacert);
     BIO_free(in);
diff --git a/demos/smime/smver.c b/demos/smime/smver.c
index 601462a041..5d552b1808 100644
--- a/demos/smime/smver.c
+++ b/demos/smime/smver.c
@@ -27,16 +27,18 @@ int main(int argc, char **argv)
     /* Set up trusted CA certificate store */
 
     st = X509_STORE_new();
+    if (st == NULL)
+        goto err;
 
     /* Read in signer certificate and private key */
     tbio = BIO_new_file("cacert.pem", "r");
 
-    if (!tbio)
+    if (tbio == NULL)
         goto err;
 
     cacert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
 
-    if (!cacert)
+    if (cacert == NULL)
         goto err;
 
     if (!X509_STORE_add_cert(st, cacert))
@@ -46,18 +48,18 @@ int main(int argc, char **argv)
 
     in = BIO_new_file("smout.txt", "r");
 
-    if (!in)
+    if (in == NULL)
         goto err;
 
     /* Sign content */
     p7 = SMIME_read_PKCS7(in, &cont);
 
-    if (!p7)
+    if (p7 == NULL)
         goto err;
 
     /* File to output verified content to */
     out = BIO_new_file("smver.txt", "w");
-    if (!out)
+    if (out == NULL)
         goto err;
 
     if (!PKCS7_verify(p7, NULL, st, cont, out, 0)) {
@@ -74,6 +76,8 @@ int main(int argc, char **argv)
         fprintf(stderr, "Error Verifying Data\n");
         ERR_print_errors_fp(stderr);
     }
+
+    X509_STORE_free(st);
     PKCS7_free(p7);
     X509_free(cacert);
     BIO_free(in);


More information about the openssl-commits mailing list