diff options
author | Greg Hudson <ghudson@mit.edu> | 2017-03-23 13:42:55 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2017-03-23 13:50:06 -0400 |
commit | 7fdaef7c3280c86b5df25ae061fb04cc56d8620c (patch) | |
tree | f4814a507d02834633ef27784129ea7710447fad /src/plugins/preauth | |
parent | 89634ca049e698d7dd2554f5c49bfc499be96188 (diff) | |
download | krb5-7fdaef7c3280c86b5df25ae061fb04cc56d8620c.zip krb5-7fdaef7c3280c86b5df25ae061fb04cc56d8620c.tar.gz krb5-7fdaef7c3280c86b5df25ae061fb04cc56d8620c.tar.bz2 |
Correct error handling bug in prior commit
In crypto_encode_der_cert(), if the second i2d_X509() invocation
fails, make sure to free the allocated pointer and not the
possibly-modified alias.
ticket: 8561
Diffstat (limited to 'src/plugins/preauth')
-rw-r--r-- | src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c index a1ba911..be4fc47 100644 --- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c +++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c @@ -6114,10 +6114,10 @@ crypto_encode_der_cert(krb5_context context, pkinit_req_crypto_context reqctx, if (len <= 0) return EINVAL; p = der = malloc(len); - if (p == NULL) + if (der == NULL) return ENOMEM; if (i2d_X509(reqctx->received_cert, &p) <= 0) { - free(p); + free(der); return EINVAL; } *der_out = der; |