diff options
author | David Benjamin <davidben@google.com> | 2016-07-26 18:44:54 +0300 |
---|---|---|
committer | CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> | 2016-07-26 22:11:01 +0300 |
commit | 599922feeea30ce731af47cf76577c5b87b97ff6 (patch) | |
tree | 919bc61a0880cda6c381b1ccfd277b22092b6cd4 /crypto | |
parent | 4ff41f614cd90e947957cc63a3c7ca2372c1a45d (diff) |
Fix an error path leak in do_ext_nconf()
(Imported from upstream's 4457017587efae316ac10b159f2e5b0cc81d9921. This
also applies the change in
https://github.com/openssl/openssl/pull/1351.)
Change-Id: Ief4e4b282f5e987981922d127b5345d374d009cf
Reviewed-on: https://boringssl-review.googlesource.com/8941
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/x509v3/v3_conf.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c index 66abca4e..ff2eae14 100644 --- a/crypto/x509v3/v3_conf.c +++ b/crypto/x509v3/v3_conf.c @@ -138,10 +138,12 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, nval = NCONF_get_section(conf, value + 1); else nval = X509V3_parse_list(value); - if (sk_CONF_VALUE_num(nval) <= 0) { + if (nval == NULL || sk_CONF_VALUE_num(nval) <= 0) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_EXTENSION_STRING); ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=", value); + if (*value != '@') + sk_CONF_VALUE_pop_free(nval, X509V3_conf_free); return NULL; } ext_struc = method->v2i(method, ctx, nval); |