x509: Fix leak if a certificate contains multiple authorityKeyIdentifiers

author Tobias Brunner <tobias@strongswan.org>

Wed, 15 Mar 2017 10:16:35 +0000 (11:16 +0100)

committer Tobias Brunner <tobias@strongswan.org>

Tue, 23 May 2017 16:29:11 +0000 (18:29 +0200)
author Tobias Brunner <tobias@strongswan.org>
Wed, 15 Mar 2017 10:16:35 +0000 (11:16 +0100)
committer Tobias Brunner <tobias@strongswan.org>
Tue, 23 May 2017 16:29:11 +0000 (18:29 +0200)
diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c

index b3d90c5f61efc6d2a744ba142b2c481d943b2e54..7068853a82ab3f6cff077a5aad105eb67364e96d 100644 (file)
--- a/src/libstrongswan/plugins/x509/x509_cert.c
+++ b/src/libstrongswan/plugins/x509/x509_cert.c
@@ -1461,6 +1461,7 @@ static bool parse_certificate(private_x509_cert_t *this)
                                                 }
                                                 break;
                                         case OID_AUTHORITY_KEY_ID:
+                                               chunk_free(&this->authKeyIdentifier);
                                                 this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(
                                                                         object, level, &this->authKeySerialNumber);
                                                 break;
author	Tobias Brunner <tobias@strongswan.org>
	Wed, 15 Mar 2017 10:16:35 +0000 (11:16 +0100)
committer	Tobias Brunner <tobias@strongswan.org>
	Tue, 23 May 2017 16:29:11 +0000 (18:29 +0200)