Fix a failure to NULL a pointer freed on error. (c380bff8) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

crypto/asn1/x_x509.c

+11 −1

Original line number	Diff line number	Diff line
		@@ -179,8 +179,14 @@ X509 d2i_X509_AUX(X509 a, const unsigned char *pp, long length)
		{
		const unsigned char *q;
		X509 *ret;
		int freeret = 0;

		/* Save start position */
		q = *pp;

		if(!a \|\| *a == NULL) {
		freeret = 1;
		}
		ret = d2i_X509(a, pp, length);
		/* If certificate unreadable then forget it */
		if (!ret)
		@@ -193,7 +199,11 @@ X509 d2i_X509_AUX(X509 a, const unsigned char *pp, long length)
		goto err;
		return ret;
		err:
		if(freeret) {
		X509_free(ret);
		if (a)
		*a = NULL;
		}
		return NULL;
		}

+5 −2

Original line number	Diff line number	Diff line
		@@ -1196,16 +1196,19 @@ EC_KEY d2i_ECParameters(EC_KEY a, const unsigned char *in, long len)
		ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
		return NULL;
		}
		if (a)
		*a = ret;
		} else
		ret = *a;

		if (!d2i_ECPKParameters(&ret->group, in, len)) {
		ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_EC_LIB);
		if (a == NULL \|\| *a != ret)
		EC_KEY_free(ret);
		return NULL;
		}

		if (a)
		*a = ret;

		return ret;
		}