Fix two leaks in X509_REQ_to_X509

Issue #182

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
FdaSilvaYY
2016-03-17 00:15:48 +01:00
parent 6c13488c4e
commit 0517538d1a


@@ -70,10 +70,11 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
X509 *ret = NULL; X509 *ret = NULL;
X509_CINF *xi = NULL; X509_CINF *xi = NULL;
X509_NAME *xn; X509_NAME *xn;
EVP_PKEY *pubkey = NULL;
if ((ret = X509_new()) == NULL) { if ((ret = X509_new()) == NULL) {
X509err(X509_F_X509_REQ_TO_X509, ERR_R_MALLOC_FAILURE); X509err(X509_F_X509_REQ_TO_X509, ERR_R_MALLOC_FAILURE);
goto err; return NULL;
} }
/* duplicate the request */ /* duplicate the request */
@@ -89,9 +90,9 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
} }
xn = X509_REQ_get_subject_name(r); xn = X509_REQ_get_subject_name(r);
if (X509_set_subject_name(ret, X509_NAME_dup(xn)) == 0) if (X509_set_subject_name(ret, xn) == 0)
goto err; goto err;
if (X509_set_issuer_name(ret, X509_NAME_dup(xn)) == 0) if (X509_set_issuer_name(ret, xn) == 0)
goto err; goto err;
if (X509_gmtime_adj(xi->validity.notBefore, 0) == NULL) if (X509_gmtime_adj(xi->validity.notBefore, 0) == NULL)
@@ -100,12 +101,21 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
NULL) NULL)
goto err; goto err;
X509_set_pubkey(ret, X509_REQ_get_pubkey(r)); pubkey = X509_REQ_get_pubkey(r);
if (pubkey == NULL)
goto err;
if (!X509_set_pubkey(ret, pubkey))
goto err_pkey;
EVP_PKEY_free(pubkey);
if (!X509_sign(ret, pkey, EVP_md5())) if (!X509_sign(ret, pkey, EVP_md5()))
goto err; goto err;
return ret; return ret;
err_pkey:
EVP_PKEY_free(pubkey);
err: err:
X509_free(ret); X509_free(ret);
return NULL; return NULL;
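Review bot: The `X509_sign(ret, pkey, EVP_md5())` call near the end of the third hunk still hard-codes MD5 as the signature digest, and this leak fix leaves it untouched. MD5 is not collision-resistant, and MD5-signed certificates are refused by many current verifiers, so a certificate built here carries a weak signature regardless of the key used. As a follow-up I would change the line to `if (!X509_sign(ret, pkey, EVP_sha256()))`, with a comment such as `/* MD5 is not collision-resistant; do not use it for certificate signatures */`. The function begins before the first hunk and its closing brace lies after this one, so whether any caller relies on the MD5 output cannot be confirmed from what is shown.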