Skip to content

Commit

Permalink
Merge pull request #8449 from ColtonWilley/x509_store_mem_leak
Browse files Browse the repository at this point in the history 
Fix memory leak in X509 STORE
  • Loading branch information
@dgarske
dgarske authored Feb 14, 2025
2 parents 746aa9b + e197cdf commit 1432bd4
Showing 1 changed file with 15 additions and 11 deletions.
26 changes: 15 additions & 11 deletions src/x509_str.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1477,7 +1477,6 @@ int X509StoreLoadCertBuffer(WOLFSSL_X509_STORE *str,
byte *buf, word32 bufLen, int type)
{
int ret = WOLFSSL_SUCCESS;

WOLFSSL_X509 *x509 = NULL;

if (str == NULL || buf == NULL) {
Expand All @@ -1486,21 +1485,26 @@ int X509StoreLoadCertBuffer(WOLFSSL_X509_STORE *str,

/* OpenSSL X509_STORE_load_file fails on DER file, we will as well */
x509 = wolfSSL_X509_load_certificate_buffer(buf, bufLen, type);
if (str->owned != NULL) {
if (wolfSSL_sk_X509_push(str->owned, x509) <= 0) {
if (x509 != NULL) {
ret = wolfSSL_X509_STORE_add_cert(str, x509);
if (ret != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Failed to load file");
ret = WOLFSSL_FAILURE;
}
if (ret == WOLFSSL_SUCCESS && str->owned != NULL) {
if (wolfSSL_sk_X509_push(str->owned, x509) <= 0) {
ret = WOLFSSL_FAILURE;
}
else {
x509 = NULL;
}
}
wolfSSL_X509_free(x509);

}
if (ret == WOLFSSL_SUCCESS) {
ret = wolfSSL_X509_STORE_add_cert(str, x509);
}
if (ret != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Failed to load file");
else {
ret = WOLFSSL_FAILURE;
}
if (ret != WOLFSSL_SUCCESS || str->owned == NULL) {
wolfSSL_X509_free(x509);
}

return ret;
}
Expand Down

0 comments on commit 1432bd4

Please sign in to comment.