Fix a possible leak on NETSCAPE_SPKI_verify failure.

Reviewed-by: Stephen Henson <steve@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-03 23:37:58 +02:00 · 2016-04-03 23:37:58 +02:00 · f6c006ea76
parent c5137473bd
commit f6c006ea76
1 changed files with 1 additions and 0 deletions
--- a/apps/ca.c
+++ b/apps/ca.c
@ -2071,6 +2071,7 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey,

    j = NETSCAPE_SPKI_verify(spki, pktmp);
    if (j <= 0) {
+        EVP_PKEY_free(pktmp);
        BIO_printf(bio_err,
                   "signature verification failed on SPKAC public key\n");
        goto end;