apps/lib/apps.c: free retdb before return on OPENSSL_strdup() failure

Fixes: c7d5ea2670c2 "Prepare to detect index changes in OCSP responder."
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
MergeDate: Mon Jun 15 14:29:23 2026
(Merged from https://github.com/openssl/openssl/pull/24981)

diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index 40938c041013da8d7db3e69e48cf96779ed406e6..b2756b3b1de07f544bcdab5d45c44173d043c005 100644 (file)
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -1883,8 +1883,14 @@ CA_DB *load_index(const char *dbfile, DB_ATTR *db_attr)
     }
 
     retdb->dbfname = OPENSSL_strdup(dbfile);
-    if (retdb->dbfname == NULL)
+    if (retdb->dbfname == NULL) {
+        TXT_DB_free(retdb->db);
+        retdb->db = NULL;
+        OPENSSL_free(retdb);
+        retdb = NULL;
+        ERR_raise_data(ERR_LIB_SYS, errno, "Out of memory while copying filename: %s", dbfile);
         goto err;
+    }
 
 #ifndef OPENSSL_NO_POSIX_IO
     retdb->dbst = dbst;