From 1f41c05bcc30b8cd7cacf033c82f28b371a4c3f9 Mon Sep 17 00:00:00 2001 From: tb Date: Thu, 16 Aug 2018 16:56:51 +0000 Subject: [PATCH] Revert previous, which was wrong as noted by schwarze. Also revert a hunk from r1.45 and thereby avoid a use-after-free spotted by schwarze. ok schwarze --- usr.bin/openssl/apps.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/usr.bin/openssl/apps.c b/usr.bin/openssl/apps.c index 55a455069e8..3febc15d2b4 100644 --- a/usr.bin/openssl/apps.c +++ b/usr.bin/openssl/apps.c @@ -1,4 +1,4 @@ -/* $OpenBSD: apps.c,v 1.48 2018/08/16 10:26:34 rob Exp $ */ +/* $OpenBSD: apps.c,v 1.49 2018/08/16 16:56:51 tb Exp $ */ /* * Copyright (c) 2014 Joel Sing * @@ -2050,10 +2050,12 @@ policies_print(BIO *out, X509_STORE_CTX *ctx) { X509_POLICY_TREE *tree; int explicit_policy; + int free_out = 0; - if (out == NULL) + if (out == NULL) { out = BIO_new_fp(stderr, BIO_NOCLOSE); - + free_out = 1; + } tree = X509_STORE_CTX_get0_policy_tree(ctx); explicit_policy = X509_STORE_CTX_get_explicit_policy(ctx); @@ -2063,7 +2065,8 @@ policies_print(BIO *out, X509_STORE_CTX *ctx) nodes_print(out, "Authority", X509_policy_tree_get0_policies(tree)); nodes_print(out, "User", X509_policy_tree_get0_user_policies(tree)); - BIO_free(out); + if (free_out) + BIO_free(out); } /* -- 2.20.1