Fix memleaks in gnutls_x509_trust_list_add_crls()

author Tim Rühsen <tim.ruehsen@gmx.de>

Mon, 7 Aug 2017 21:04:36 +0000 (23:04 +0200)

committer Nikos Mavrogiannopoulos <nmav@gnutls.org>

Tue, 8 Aug 2017 19:17:56 +0000 (21:17 +0200)
author Tim Rühsen <tim.ruehsen@gmx.de>
Mon, 7 Aug 2017 21:04:36 +0000 (23:04 +0200)
committer Nikos Mavrogiannopoulos <nmav@gnutls.org>
Tue, 8 Aug 2017 19:17:56 +0000 (21:17 +0200)
diff --git a/lib/x509/verify-high.c b/lib/x509/verify-high.c

index d78a2d4b7be691c8360c03444113162494ef4d94..69fc0f2e68d1a874a9e7f8f8b25863921c0cb0d9 100644 (file)
--- a/lib/x509/verify-high.c
+++ b/lib/x509/verify-high.c
@@ -708,6 +708,7 @@ gnutls_x509_trust_list_add_crls(gnutls_x509_trust_list_t list,
         unsigned x, i, j = 0;
         unsigned int vret = 0;
         uint32_t hash;
+       gnutls_x509_crl_t *tmp;
  
         /* Probably we can optimize things such as removing duplicates
          * etc.
@@ -733,6 +734,8 @@ gnutls_x509_trust_list_add_crls(gnutls_x509_trust_list_t list,
                                                    &vret);
                         if (ret < 0 || vret != 0) {
                                 _gnutls_debug_log("CRL verification failed, not adding it\n");
+                               if (flags & GNUTLS_TL_NO_DUPLICATES)
+                                       gnutls_x509_crl_deinit(crl_list[i]);
                                 continue;
                         }
                 }
@@ -752,22 +755,28 @@ gnutls_x509_trust_list_add_crls(gnutls_x509_trust_list_t list,
                                         } else {
                                                 /* The new is older, discard it */
                                                 gnutls_x509_crl_deinit(crl_list[i]);
-                                               continue;
+                                               goto next;
                                         }
                                 }
                         }
                 }
  
-               list->node[hash].crls =
-                   gnutls_realloc_fast(list->node[hash].crls,
+               tmp =
+                   gnutls_realloc(list->node[hash].crls,
                                         (list->node[hash].crl_size +
                                          1) *
                                         sizeof(list->node[hash].
                                                trusted_cas[0]));
-               if (list->node[hash].crls == NULL) {
+               if (tmp == NULL) {
+                       ret = i;
                         gnutls_assert();
-                       return i;
+                       if (flags & GNUTLS_TL_NO_DUPLICATES)
+                               while (i < crl_size)
+                                       gnutls_x509_crl_deinit(crl_list[i++]);
+                       return ret;
                 }
+               list->node[hash].crls = tmp;
+
  
                 list->node[hash].crls[list->node[hash].crl_size] =
                     crl_list[i];
author	Tim Rühsen <tim.ruehsen@gmx.de>
	Mon, 7 Aug 2017 21:04:36 +0000 (23:04 +0200)
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>
	Tue, 8 Aug 2017 19:17:56 +0000 (21:17 +0200)