From: Tobias Brunner <tobias@strongswan.org>
Date: Wed, 15 Mar 2017 10:16:35 +0000 (+0100)
Subject: x509: Fix leak if a certificate contains multiple authorityKeyIdentifiers
X-Git-Tag: 5.5.3~26^2~19
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5e37f7e55041929a4b7458bd7e1f24cd8a0edd8a;p=thirdparty%2Fstrongswan.git

x509: Fix leak if a certificate contains multiple authorityKeyIdentifiers
---

diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c
index b3d90c5f61..7068853a82 100644
--- a/src/libstrongswan/plugins/x509/x509_cert.c
+++ b/src/libstrongswan/plugins/x509/x509_cert.c
@@ -1461,6 +1461,7 @@ static bool parse_certificate(private_x509_cert_t *this)
 						}
 						break;
 					case OID_AUTHORITY_KEY_ID:
+						chunk_free(&this->authKeyIdentifier);
 						this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(
 									object, level, &this->authKeySerialNumber);
 						break;