From: Beat Bolli <dev@drbeat.li>
Date: Thu, 15 Aug 2024 10:35:02 +0000 (+0200)
Subject: x_attrib: fix a memory leak
X-Git-Tag: openssl-3.4.0-alpha1~72
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=223e0020e47e6e8eb6079258ea9d563d1d115132;p=thirdparty%2Fopenssl.git

x_attrib: fix a memory leak

The X509_NAME object needs to be free'd even if printing it fails.

Introduced in be5adfd6e3 ("Support subjectDirectoryAttributes and
associatedInformation exts", 2024-06-18), but subsequently moved in
7bcfb41489 ("ossl_print_attribute_value(): use a sequence value only if
type is a sequence", 2024-08-05).

Signed-off-by: Beat Bolli <dev@drbeat.li>

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25207)
---

diff --git a/crypto/x509/x_attrib.c b/crypto/x509/x_attrib.c
index b413a279177..2623398debf 100644
--- a/crypto/x509/x_attrib.c
+++ b/crypto/x509/x_attrib.c
@@ -98,6 +98,7 @@ int ossl_print_attribute_value(BIO *out,
     unsigned char *value;
     X509_NAME *xn = NULL;
     int64_t int_val;
+    int ret = 1;
 
     switch (av->type) {
     case V_ASN1_BOOLEAN:
@@ -192,9 +193,9 @@ int ossl_print_attribute_value(BIO *out,
                 return 0;
             }
             if (X509_NAME_print_ex(out, xn, indent, XN_FLAG_SEP_CPLUS_SPC) <= 0)
-                return 0;
+                ret = 0;
             X509_NAME_free(xn);
-            return 1;
+            return ret;
 
         default:
             break;