From: Norbert Pocs <norbertp@openssl.org>
Date: Wed, 14 May 2025 12:50:42 +0000 (+0200)
Subject: configutl.c: Resolve possible resource leak of config file
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7cc69ec4cf575232040ac776f405fb31f030e59a;p=thirdparty%2Fopenssl.git

configutl.c: Resolve possible resource leak of config file

The coverity detects Resource leak here. It may come to leak when the
option is passed multiple times.

Resolve coverity scan issue 1646846

Signed-off-by: Norbert Pocs <norbertp@openssl.org>

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27623)
---

diff --git a/apps/configutl.c b/apps/configutl.c
index 81bcf9d7895..2ee27962790 100644
--- a/apps/configutl.c
+++ b/apps/configutl.c
@@ -131,6 +131,11 @@ int configutl_main(int argc, char *argv[])
             no_header = 1;
             break;
         case OPT_CONFIG:
+            /*
+             * In case multiple OPT_CONFIG options are passed, we need to free
+             * the previous one before assigning the new one.
+             */
+            OPENSSL_free(configfile);
             configfile = OPENSSL_strdup(opt_arg());
             break;
         case OPT_OUT: