Correct error handling bug in prior commit

In crypto_encode_der_cert(), if the second i2d_X509() invocation fails, make sure to free the allocated pointer and not the possibly-modified alias. ticket: 8561
author: Greg Hudson <ghudson@mit.edu> 2017-03-23 13:42:55 -0400
committer: Greg Hudson <ghudson@mit.edu> 2017-03-23 13:50:06 -0400
commit: 7fdaef7c3280c86b5df25ae061fb04cc56d8620c (patch)
tree: f4814a507d02834633ef27784129ea7710447fad /src/plugins/preauth
parent: 89634ca049e698d7dd2554f5c49bfc499be96188 (diff)
download: krb5-7fdaef7c3280c86b5df25ae061fb04cc56d8620c.zip
krb5-7fdaef7c3280c86b5df25ae061fb04cc56d8620c.tar.gz
krb5-7fdaef7c3280c86b5df25ae061fb04cc56d8620c.tar.bz2
1 files changed, 2 insertions, 2 deletions
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
index a1ba911..be4fc47 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
@@ -6114,10 +6114,10 @@ crypto_encode_der_cert(krb5_context context, pkinit_req_crypto_context reqctx,
     if (len <= 0)
         return EINVAL;
     p = der = malloc(len);
-    if (p == NULL)
+    if (der == NULL)
         return ENOMEM;
     if (i2d_X509(reqctx->received_cert, &p) <= 0) {
-        free(p);
+        free(der);
         return EINVAL;
     }
     *der_out = der;
author	Greg Hudson <ghudson@mit.edu>	2017-03-23 13:42:55 -0400
committer	Greg Hudson <ghudson@mit.edu>	2017-03-23 13:50:06 -0400
commit	7fdaef7c3280c86b5df25ae061fb04cc56d8620c (patch)
tree	f4814a507d02834633ef27784129ea7710447fad /src/plugins/preauth
parent	89634ca049e698d7dd2554f5c49bfc499be96188 (diff)
download	krb5-7fdaef7c3280c86b5df25ae061fb04cc56d8620c.zip krb5-7fdaef7c3280c86b5df25ae061fb04cc56d8620c.tar.gz krb5-7fdaef7c3280c86b5df25ae061fb04cc56d8620c.tar.bz2