git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
BUG/MINOR: acme: fix X509_NAME leak when X509_set_issuer_name() fails
author David Carlier <devnexen@gmail.com>
Wed, 18 Feb 2026 21:55:00 +0000 (21:55 +0000)
committer William Lallemand <wlallemand@haproxy.com>
Thu, 19 Feb 2026 09:40:26 +0000 (10:40 +0100)
In acme_gen_tmp_x509(), if X509_set_issuer_name() fails, the code
jumped to the mkcert_error label without freeing the previously
allocated X509_NAME object. The other error paths after X509_NAME_new()
(X509_NAME_add_entry_by_txt and X509_set_subject_name) already properly
freed the name before jumping to mkcert_error, but this one was missed.

Fix this by freeing name before the goto, consistent with the other
error paths in the same function.

Must be backported as far as 3.3.

src/acme.c

index b8ad8df671782beb2bd25c04c5e3bba950fdc645..f14759747329957c09360b60dccb925b8a019f71 100644 (file)
@@ -2681,8 +2681,10 @@ X509 *acme_gen_tmp_x509()
                goto mkcert_error;
        }
        /* Set issuer name as itself */
-       if (X509_set_issuer_name(newcrt, name) != 1)
+       if (X509_set_issuer_name(newcrt, name) != 1) {
+               X509_NAME_free(name);
                goto mkcert_error;
+       }
        X509_NAME_free(name);
 
        /* Autosign the certificate with the private key */
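
Review bot: the X509_NAME_free(name) added inside the X509_set_issuer_name() failure branch duplicates the free on the success path two lines below it, and the commit message notes that the earlier error paths each carry their own copy as well, which is the pattern that let this branch be missed. A single release point would be harder to get wrong: keep name initialised to NULL, call X509_NAME_free(name) once under mkcert_error (it does nothing when passed NULL), and set name = NULL right after the success-path free so the label cannot free it a second time. If the per-branch style is kept for backport simplicity, a short comment at the success-path free saying that every goto mkcert_error above must release name first would help the next person who adds an error path.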