[openssl] master update

dev at ddvo.net dev at ddvo.net
Wed Feb 17 16:37:28 UTC 2021 

The branch master has been updated
       via  adc11e1b9cf12df3c67de165a2b42ac72266cbca (commit)
      from  b51bed05c2ab54a1933b5c18862e68cd4540278c (commit)


- Log -----------------------------------------------------------------
commit adc11e1b9cf12df3c67de165a2b42ac72266cbca
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Mon Feb 15 10:24:58 2021 +0100

    x509_vfy: fix mem leaks in chain_build() on malloc error Coverify CID 1473068
    
    Fixes: Variable "sk_untrusted" going out of scope leaks the storage it points to.
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14187)

-----------------------------------------------------------------------

Summary of changes:
 crypto/x509/x509_vfy.c | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 4e192abec4..d5c09d28f4 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -3035,12 +3035,9 @@ static int build_chain(X509_STORE_CTX *ctx)
      * If we got any "DANE-TA(2) Cert(0) Full(0)" trust anchors from DNS, add
      * them to our working copy of the untrusted certificate stack.
      */
-    if (DANETLS_ENABLED(dane) && dane->certs != NULL) {
-        if (!X509_add_certs(sk_untrusted, dane->certs, X509_ADD_FLAG_DEFAULT)) {
-            sk_X509_free(sk_untrusted);
-            goto memerr;
-        }
-    }
+    if (DANETLS_ENABLED(dane) && dane->certs != NULL
+        && !X509_add_certs(sk_untrusted, dane->certs, X509_ADD_FLAG_DEFAULT))
+        goto memerr;
 
     /*
      * Still absurdly large, but arithmetically safe, a lower hard upper bound
@@ -3306,14 +3303,15 @@ static int build_chain(X509_STORE_CTX *ctx)
     }
 
  int_err:
-    sk_X509_free(sk_untrusted);
     ERR_raise(ERR_LIB_X509, ERR_R_INTERNAL_ERROR);
     ctx->error = X509_V_ERR_UNSPECIFIED;
+    sk_X509_free(sk_untrusted);
     return -1;
 
  memerr:
     ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
     ctx->error = X509_V_ERR_OUT_OF_MEM;
+    sk_X509_free(sk_untrusted);
     return -1;
 }

More information about the openssl-commits mailing list