OCSP_sendreq_bio: Avoid doublefree of mem BIO

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/16886)

diff --git a/crypto/ocsp/ocsp_http.c b/crypto/ocsp/ocsp_http.c
index 28166d3a175c7a3e5474589be32af46794ed0ba0..e8b6406d3c384c4604cbf6a81b4e05a23d524315 100644 (file)
--- a/crypto/ocsp/ocsp_http.c
+++ b/crypto/ocsp/ocsp_http.c
@@ -58,13 +58,11 @@ OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req)
     if (ctx == NULL)
         return NULL;
     mem = OSSL_HTTP_REQ_CTX_exchange(ctx);
-    resp = (OCSP_RESPONSE *)
-        ASN1_item_d2i_bio(ASN1_ITEM_rptr(OCSP_RESPONSE), mem, NULL);
-    BIO_free(mem);
+    /* ASN1_item_d2i_bio handles NULL bio gracefully */
+    resp = (OCSP_RESPONSE *)ASN1_item_d2i_bio(ASN1_ITEM_rptr(OCSP_RESPONSE),
+                                              mem, NULL);
 
-    /* this indirectly calls ERR_clear_error(): */
     OSSL_HTTP_REQ_CTX_free(ctx);
-
     return resp;
 }
 #endif /* !defined(OPENSSL_NO_OCSP) */