diff options
author | Matt Caswell <matt@openssl.org> | 2016-06-14 11:45:34 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-06-14 11:45:34 +0100 |
commit | 036e61b1669fee477af2d5d1afd0b015517f7f9a (patch) | |
tree | dd91481539d8536c3c75ab763ff207e91fd37d2a /crypto/asn1/f_string.c | |
parent | d285b5418ee1ff361f06545e0489ece61bdd1a50 (diff) | |
download | openssl-036e61b1669fee477af2d5d1afd0b015517f7f9a.zip openssl-036e61b1669fee477af2d5d1afd0b015517f7f9a.tar.gz openssl-036e61b1669fee477af2d5d1afd0b015517f7f9a.tar.bz2 |
Free memory on an error path
The function a2i_ASN1_STRING can encounter an error after already
allocating a buffer. It wasn't always freeing that buffer on error.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto/asn1/f_string.c')
-rw-r--r-- | crypto/asn1/f_string.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/crypto/asn1/f_string.c b/crypto/asn1/f_string.c index f9a77a2..0e03139 100644 --- a/crypto/asn1/f_string.c +++ b/crypto/asn1/f_string.c @@ -104,6 +104,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) i -= again; if (i % 2 != 0) { ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_ODD_NUMBER_OF_CHARS); + OPENSSL_free(s); return 0; } i /= 2; @@ -123,6 +124,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) if (m < 0) { ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_NON_HEX_CHARACTERS); + OPENSSL_free(s); return 0; } s[num + j] <<= 4; @@ -141,5 +143,6 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) err: ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_SHORT_LINE); + OPENSSL_free(s); return 0; } |