From 4c6be9d15f8425bbf51a3963b6cbc8234310514a Mon Sep 17 00:00:00 2001 From: tb Date: Mon, 5 Apr 2021 07:02:50 +0000 Subject: [PATCH] Don't leak param->name in x509_verify_param_zero() For dynamically allocated verify parameters, param->name is only ever set in X509_VERIFY_set1_name() where the old one is freed and the new one is assigned via strdup(). Setting it to NULL without freeing it beforehand is a leak. looks correct to millert, ok inoguchi --- lib/libcrypto/x509/x509_vpm.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/libcrypto/x509/x509_vpm.c b/lib/libcrypto/x509/x509_vpm.c index 9fb94b27724..5133a82b0bf 100644 --- a/lib/libcrypto/x509/x509_vpm.c +++ b/lib/libcrypto/x509/x509_vpm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_vpm.c,v 1.23 2020/12/16 13:44:17 tb Exp $ */ +/* $OpenBSD: x509_vpm.c,v 1.24 2021/04/05 07:02:50 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ @@ -172,6 +172,7 @@ x509_verify_param_zero(X509_VERIFY_PARAM *param) X509_VERIFY_PARAM_ID *paramid; if (!param) return; + free(param->name); param->name = NULL; param->purpose = 0; param->trust = 0; -- 2.20.1