From: Niels Dossche <niels.dossche@ugent.be>
Date: Tue, 21 Jan 2025 11:04:44 +0000 (+0100)
Subject: Fix potential memory leak in policy_section()
X-Git-Tag: openssl-3.5.0-alpha1~67
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ececabd9adb4b4def9c044491f993b94ba0c618f;p=thirdparty%2Fopenssl.git

Fix potential memory leak in policy_section()

If sk_POLICYQUALINFO_push() fails, qual is not freed.
Fix it by adding POLICYQUALINFO_free() to the error path.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26499)
---

diff --git a/crypto/x509/v3_cpols.c b/crypto/x509/v3_cpols.c
index ae602ea2cd2..603bb1ce598 100644
--- a/crypto/x509/v3_cpols.c
+++ b/crypto/x509/v3_cpols.c
@@ -195,6 +195,7 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
                 goto err;
             }
             if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) {
+                POLICYQUALINFO_free(qual);
                 ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB);
                 goto err;
             }
@@ -232,6 +233,7 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx,
             if (pol->qualifiers == NULL)
                 pol->qualifiers = sk_POLICYQUALINFO_new_null();
             if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) {
+                POLICYQUALINFO_free(qual);
                 ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB);
                 goto err;
             }