Fix an error path leak in do_ext_nconf()
(Imported from upstream's 4457017587efae316ac10b159f2e5b0cc81d9921. This also applies the change in https://github.com/openssl/openssl/pull/1351.) Change-Id: Ief4e4b282f5e987981922d127b5345d374d009cf Reviewed-on: https://boringssl-review.googlesource.com/8941 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
parent
4ff41f614c
commit
599922feee
@ -138,10 +138,12 @@ static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
|
||||
nval = NCONF_get_section(conf, value + 1);
|
||||
else
|
||||
nval = X509V3_parse_list(value);
|
||||
if (sk_CONF_VALUE_num(nval) <= 0) {
|
||||
if (nval == NULL || sk_CONF_VALUE_num(nval) <= 0) {
|
||||
OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_EXTENSION_STRING);
|
||||
ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=",
|
||||
value);
|
||||
if (*value != '@')
|
||||
sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
|
||||
return NULL;
|
||||
}
|
||||
ext_struc = method->v2i(method, ctx, nval);
|
||||
|
Loading…
Reference in New Issue
Block a user