From c7c698355a55644d1297429b6c6bc103b461f5f2 Mon Sep 17 00:00:00 2001 From: "Dr. David von Oheimb" Date: Sun, 8 Oct 2023 14:50:00 +0200 Subject: [PATCH] fixup! X509_add_cert(): prevent double free on X509_up_ref() failure --- crypto/x509/x509_cmp.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index f2c670c96f765..c489ad5f71c0c 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -219,7 +219,8 @@ int X509_add_cert(STACK_OF(X509) *sk, X509 *cert, int flags) return 0; if (!sk_X509_insert(sk, cert, (flags & X509_ADD_FLAG_PREPEND) != 0 ? 0 : -1)) { - X509_free(cert); + if ((flags & X509_ADD_FLAG_UP_REF) != 0) + X509_free(cert); ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB); return 0; }