From: Dr. David von Oheimb Date: Fri, 26 Feb 2021 12:26:37 +0000 (+0100) Subject: apps/x509.c: Fix mem leaks in processing of -next_serial in print loop X-Git-Tag: openssl-3.0.0-alpha13~98 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e60e974414a7e637ff2f946dc2aa24c381a32cc2;p=thirdparty%2Fopenssl.git apps/x509.c: Fix mem leaks in processing of -next_serial in print loop Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/14340) --- diff --git a/apps/lib/apps.c b/apps/lib/apps.c index 3f1cf5f2479..634bebde423 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -1077,6 +1077,7 @@ void print_name(BIO *out, const char *title, const X509_NAME *nm) char mline = 0; int indent = 0; unsigned long lflags = get_nameopt(); + if (title != NULL) BIO_puts(out, title); if ((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) { diff --git a/apps/x509.c b/apps/x509.c index 152537f90a8..1108ff7ad4d 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -887,16 +887,16 @@ int x509_main(int argc, char **argv) i2a_ASN1_INTEGER(out, X509_get0_serialNumber(x)); BIO_printf(out, "\n"); } else if (i == next_serial) { - ASN1_INTEGER *ser = X509_get_serialNumber(x); - BIGNUM *bnser = ASN1_INTEGER_to_BN(ser, NULL); + ASN1_INTEGER *ser; + BIGNUM *bnser = ASN1_INTEGER_to_BN(X509_get0_serialNumber(x), NULL); if (bnser == NULL) goto end; - if (!BN_add_word(bnser, 1)) - goto end; - ser = BN_to_ASN1_INTEGER(bnser, NULL); - if (ser == NULL) + if (!BN_add_word(bnser, 1) + || (ser = BN_to_ASN1_INTEGER(bnser, NULL)) == NULL) { + BN_free(bnser); goto end; + } BN_free(bnser); i2a_ASN1_INTEGER(out, ser); ASN1_INTEGER_free(ser); @@ -976,9 +976,8 @@ int x509_main(int argc, char **argv) goto end; } BIO_printf(out, "%s Fingerprint=", OBJ_nid2sn(EVP_MD_type(fdig))); - for (j = 0; j < (int)n; j++) { + for (j = 0; j < (int)n; j++) BIO_printf(out, "%02X%c", md[j], (j + 1 == (int)n) ? '\n' : ':'); - } } else if (i == ocspid) { X509_ocspid_print(out, x); } else if (i == ext) {