Commit 582e5929 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files 

Fix bug which would free up a public key
twice if the verify callback tried to
continue after a signature failure.
parent 8782a426

crypto/x509/x509_vfy.c

+5 −2
Original line number Diff line number Diff line
@@ -436,11 +436,14 @@ static int internal_verify(X509_STORE_CTX *ctx) 
				}

			if (X509_verify(xs,pkey) <= 0)

				{

				EVP_PKEY_free(pkey);

				ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;

				ctx->current_cert=xs;

				ok=(*cb)(0,ctx);

				if (!ok) goto end;

				if (!ok)

					{

					EVP_PKEY_free(pkey);

					goto end;

					}

				}

			EVP_PKEY_free(pkey);

			pkey=NULL;