OpenSSL: Fix a memory leak in OCSP handling
If OCSP_resp_find_status() fails with the first OCSP_CERTID, the generation of the second OCSP_CERTID ended up leaking memory. Fix this by freeing the previously allocated OCSP_CERTID on that code path. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
6602d9e3a6
commit
e3b39e62c2
1 changed files with 1 additions and 0 deletions
|
@ -4666,6 +4666,7 @@ static int ocsp_resp_cb(SSL *s, void *arg)
|
||||||
res = OCSP_resp_find_status(basic, id, &status, &reason, &produced_at,
|
res = OCSP_resp_find_status(basic, id, &status, &reason, &produced_at,
|
||||||
&this_update, &next_update);
|
&this_update, &next_update);
|
||||||
if (!res) {
|
if (!res) {
|
||||||
|
OCSP_CERTID_free(id);
|
||||||
id = OCSP_cert_to_id(NULL, conn->peer_cert, conn->peer_issuer);
|
id = OCSP_cert_to_id(NULL, conn->peer_cert, conn->peer_issuer);
|
||||||
if (!id) {
|
if (!id) {
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
|
|
Loading…
Reference in a new issue