From: Tobias Brunner <tobias@strongswan.org>
Date: Wed, 21 Feb 2018 10:13:42 +0000 (+0100)
Subject: x509: Fix leak if a CRL contains multiple authorityKeyIdentifiers
X-Git-Tag: 5.6.3dr1~50
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9ba01ce3807c0e85e3d90736a09f29f2979b9181;p=thirdparty%2Fstrongswan.git

x509: Fix leak if a CRL contains multiple authorityKeyIdentifiers
---

diff --git a/src/libstrongswan/plugins/x509/x509_crl.c b/src/libstrongswan/plugins/x509/x509_crl.c
index 699ac5a392..5c5010b976 100644
--- a/src/libstrongswan/plugins/x509/x509_crl.c
+++ b/src/libstrongswan/plugins/x509/x509_crl.c
@@ -302,6 +302,7 @@ static bool parse(private_x509_crl_t *this)
 						}
 						break;
 					case OID_AUTHORITY_KEY_ID:
+						chunk_free(&this->authKeyIdentifier);
 						this->authKeyIdentifier =
 							x509_parse_authorityKeyIdentifier(
 									object, level, &this->authKeySerialNumber);