pkcs11_management_id_get: Free certificate object after use

Found by ZeroPath

Change-Id: I85320b8f1cfc02dfd561916e5637d9481edac59e
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1317
Message-Id: <20251027212747.4161-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33908.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/openvpn/pkcs11.c b/src/openvpn/pkcs11.c
index ce641356374beed19a59eab511a216fbcca0e39a..9afb18164f949ba54f2e579c1e2c46577d4e6b87 100644 (file)
--- a/src/openvpn/pkcs11.c
+++ b/src/openvpn/pkcs11.c
@@ -436,9 +436,6 @@ pkcs11_management_id_get(const int index, char **id, char **base64)
 {
     pkcs11h_certificate_id_list_t id_list = NULL;
     pkcs11h_certificate_id_list_t entry = NULL;
-#if 0 /* certificate_id seems to be unused -- JY */
-    pkcs11h_certificate_id_t certificate_id = NULL;
-#endif
     pkcs11h_certificate_t certificate = NULL;
     CK_RV rv = CKR_OK;
     unsigned char *certificate_blob = NULL;
@@ -548,6 +545,9 @@ cleanup:
     pkcs11h_certificate_freeCertificateIdList(id_list);
     id_list = NULL;
 
+    pkcs11h_certificate_freeCertificate(certificate);
+    certificate = NULL;
+
     free(internal_id);
     internal_id = NULL;