Fix coverity issue: CID 1466479 - Resource leak in apps/pkcs12.c

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12847)

diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index f5bb18a8db4bd3c0beda4b516fb31bab0e1166d3..23ffa98f77301aeb5d9b07debe11e50c6b16c6ea 100644 (file)
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -541,13 +541,15 @@ int pkcs12_main(int argc, char **argv)
             X509_STORE_free(store);
 
             if (vret == X509_V_OK) {
+                int add_certs;
                 /* Remove from chain2 the first (end entity) certificate */
                 X509_free(sk_X509_shift(chain2));
                 /* Add the remaining certs (except for duplicates) */
-                if (!X509_add_certs(certs, chain2, X509_ADD_FLAG_UP_REF
-                                    | X509_ADD_FLAG_NO_DUP))
-                    goto export_end;
+                add_certs = X509_add_certs(certs, chain2, X509_ADD_FLAG_UP_REF
+                                           | X509_ADD_FLAG_NO_DUP);
                 sk_X509_pop_free(chain2, X509_free);
+                if (!add_certs)
+                    goto export_end;
             } else {
                 if (vret != X509_V_ERR_UNSPECIFIED)
                     BIO_printf(bio_err, "Error getting chain: %s\n",