[openssl-users] Unclear docs -- request clarification on X509_STORE_add_cert

Viktor Dukhovni openssl-users at dukhovni.org
Wed Jan 3 01:27:29 UTC 2018



> On Jan 2, 2018, at 8:10 PM, Dave Coombs <dcoombs at carillon.ca> wrote:
> 
> Looking at the code in x509_lu.c, X509_STORE_add_cert() takes ownership of your X509 *cc_cert -- you don't need to (and probably shouldn't) free it.

The observation is correct, but the conclusion is wrong.
The object is reference counted, and X509_free() is needed
to avoid a leak (when the store is freed along with the
context).

-- 
	Viktor.



More information about the openssl-users mailing list