From: Jouni Malinen <jouni@codeaurora.org>
Date: Tue, 7 Jan 2020 18:40:12 +0000 (+0200)
Subject: OpenSSL: Fix memory leak in TOD policy validation
X-Git-Tag: hostap_2_10~1971
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=297d69161b014ffbc3dd686e2216f29059431717;p=thirdparty%2Fhostap.git

OpenSSL: Fix memory leak in TOD policy validation

Returned policies from X509_get_ext_d2i() need to be freed.

Fixes: 21f1a1e66c39 ("Report TOD policy")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
---

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index a4a647eee..a6a4ce4b9 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -2190,6 +2190,7 @@ static int openssl_cert_tod(X509 *cert)
 		else if (os_strcmp(buf, "1.3.6.1.4.1.40808.1.3.2") == 0 && !tod)
 			tod = 2; /* TOD-TOFU */
 	}
+	sk_POLICYINFO_pop_free(ext, POLICYINFO_free);
 
 	return tod;
 }