configutl.c: Resolve possible resource leak of config file

The coverity detects Resource leak here. It may come to leak when the
option is passed multiple times.

Resolve coverity scan issue 1646846

Signed-off-by: Norbert Pocs <norbertp@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27623)

diff --git a/apps/configutl.c b/apps/configutl.c
index 81bcf9d7895a5f47de2bd8d72cfc960cdea660f8..2ee2796279045025ec977709e4981675b3dd90eb 100644 (file)
--- a/apps/configutl.c
+++ b/apps/configutl.c
@@ -131,6 +131,11 @@ int configutl_main(int argc, char *argv[])
             no_header = 1;
             break;
         case OPT_CONFIG:
+            /*
+             * In case multiple OPT_CONFIG options are passed, we need to free
+             * the previous one before assigning the new one.
+             */
+            OPENSSL_free(configfile);
             configfile = OPENSSL_strdup(opt_arg());
             break;
         case OPT_OUT: