From: Remi Tricot-Le Breton <rlebreton@haproxy.com>
Date: Thu, 3 Nov 2022 14:16:48 +0000 (+0100)
Subject: BUG/MINOR: ssl: Memory leak of AUTHORITY_KEYID struct when loading issuer
X-Git-Tag: v2.7-dev9~119
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1621dc1cc59cf99c8d5e02c0f300f1cd743cafa1;p=thirdparty%2Fhaproxy.git

BUG/MINOR: ssl: Memory leak of AUTHORITY_KEYID struct when loading issuer

When calling ssl_get0_issuer_chain, if akid is not NULL but its keyid
is, then the AUTHORITY_KEYID is not freed.

This patch can be backported to all stable branches.
---

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 2f76bb9866..801405b309 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -7231,8 +7231,8 @@ int ssl_load_global_issuer_from_BIO(BIO *in, char *fp, char **err)
 				break;
 			}
 		}
-		AUTHORITY_KEYID_free(akid);
 	}
+	AUTHORITY_KEYID_free(akid);
 	return issuer;
 }