From: Shane Lontis <shane.lontis@oracle.com>
Date: Thu, 10 Sep 2020 08:45:39 +0000 (+1000)
Subject: Fix coverity issue: CID 1466479 - Resource leak in apps/pkcs12.c
X-Git-Tag: openssl-3.0.0-alpha7~292
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5e8cd0a4f48f06df2542e7c74dcbb4310bce7c4c;p=thirdparty%2Fopenssl.git

Fix coverity issue: CID 1466479 - Resource leak in apps/pkcs12.c

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12847)
---

diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index f5bb18a8db4..23ffa98f773 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -541,13 +541,15 @@ int pkcs12_main(int argc, char **argv)
             X509_STORE_free(store);
 
             if (vret == X509_V_OK) {
+                int add_certs;
                 /* Remove from chain2 the first (end entity) certificate */
                 X509_free(sk_X509_shift(chain2));
                 /* Add the remaining certs (except for duplicates) */
-                if (!X509_add_certs(certs, chain2, X509_ADD_FLAG_UP_REF
-                                    | X509_ADD_FLAG_NO_DUP))
-                    goto export_end;
+                add_certs = X509_add_certs(certs, chain2, X509_ADD_FLAG_UP_REF
+                                           | X509_ADD_FLAG_NO_DUP);
                 sk_X509_pop_free(chain2, X509_free);
+                if (!add_certs)
+                    goto export_end;
             } else {
                 if (vret != X509_V_ERR_UNSPECIFIED)
                     BIO_printf(bio_err, "Error getting chain: %s\n",