Fix the abnormal branch memory leak in ssl_set_cert_and_key function

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28619)

(cherry picked from commit e7f88391867dd71dc0ef37646f497411bea5350c)

diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index e833bcdbc377655e11505b9912ef8d6b6497ce9b..f4731a87af90cf676996fcd7abcd31eb3c1aa8f6 100644 (file)
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -1056,10 +1056,13 @@ static int ssl_set_cert_and_key(SSL *ssl, SSL_CTX *ctx, X509 *x509, EVP_PKEY *pr
         }
     }
 
-    if (!X509_up_ref(x509))
+    if (!X509_up_ref(x509)) {
+        OSSL_STACK_OF_X509_free(dup_chain);
         goto out;
+    }
 
     if (!EVP_PKEY_up_ref(privatekey)) {
+        OSSL_STACK_OF_X509_free(dup_chain);
         X509_free(x509);
         goto out;
     }