Fix memleaks from #1755 and some pre-existing ones
authorLeigh <leigh@php.net>
Fri, 6 Jan 2017 14:58:54 +0000 (14:58 +0000)
committerLeigh <leigh@php.net>
Fri, 6 Jan 2017 14:58:54 +0000 (14:58 +0000)
ext/openssl/openssl.c

index 6d3f9ef4bbc713c9f5904d339d55d4512a73ce0e..5de4869908a518c3d33822f6d8ecd665bf3b8431 100644 (file)
@@ -703,6 +703,8 @@ static void add_assoc_name_entry(zval * val, char * key, X509_NAME * name, int s
                                add_assoc_stringl(&subitem, sname, (char *)to_add, to_add_len);
                        }
                }
+
+               OPENSSL_free(to_add);
        }
        if (key != NULL) {
                zend_hash_str_update(Z_ARRVAL_P(val), key, strlen(key), &subitem);
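Review bot: The added `OPENSSL_free(to_add);` runs on every pass through the enclosing block, outside the conditional that closes just above it, and the hunk does not show where `to_add` is assigned. If any path outside the hunk leaves it uninitialised, or points it at memory the ASN1 string still owns rather than a buffer allocated for the caller, this call frees memory that was never handed over. That would be heap corruption reachable from certificate name fields, which may come from untrusted input. Confirm every assignment, and consider initialising `to_add` to NULL and freeing only when a conversion actually allocated it, documented with a comment such as `/* to_add is owned here only when a converting call allocated it */`. The body of add_assoc_name_entry starts and ends outside the hunk.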
@@ -2004,7 +2006,10 @@ PHP_FUNCTION(openssl_x509_parse)
        char *extname;
        BIO *bio_out;
        BUF_MEM *bio_buf;
-       char * hexserial;
+       ASN1_INTEGER *asn1_serial;
+       BIGNUM *bn_serial;
+       char *str_serial;
+       char *hex_serial;
        char buf[256];
 
        if (zend_parse_parameters(ZEND_NUM_ARGS(), "z|b", &zcert, &useshortnames) == FAILURE) {
@@ -2032,19 +2037,28 @@ PHP_FUNCTION(openssl_x509_parse)
        add_assoc_name_entry(return_value, "issuer",            X509_get_issuer_name(cert), useshortnames);
        add_assoc_long(return_value, "version",                         X509_get_version(cert));
 
-       add_assoc_string(return_value, "serialNumber", i2s_ASN1_INTEGER(NULL, X509_get_serialNumber(cert)));
+       asn1_serial = X509_get_serialNumber(cert);
 
-       /* Return the hex representation of the serial number, as defined by OpenSSL */
-       hexserial = BN_bn2hex(ASN1_INTEGER_to_BN(X509_get_serialNumber(cert), NULL));
+       bn_serial = ASN1_INTEGER_to_BN(asn1_serial, NULL);
+       /* Can return NULL on error or memory allocation failure */
+       if (!bn_serial) {
+               RETURN_FALSE;
+       }
 
-       /* If we received null back from BN_bn2hex, there was a critical error in openssl,
-        * and we should not continue.
-        */
-       if (!hexserial) {
+       hex_serial = BN_bn2hex(bn_serial);
+       BN_free(bn_serial);
+       /* Can return NULL on error or memory allocation failure */
+       if (!hex_serial) {
                RETURN_FALSE;
        }
-       add_assoc_string(return_value, "serialNumberHex", hexserial); 
-       OPENSSL_free(hexserial);
+
+       str_serial = i2s_ASN1_INTEGER(NULL, asn1_serial);
+       add_assoc_string(return_value, "serialNumber", str_serial);
+       OPENSSL_free(str_serial);
+
+       /* Return the hex representation of the serial number, as defined by OpenSSL */
+       add_assoc_string(return_value, "serialNumberHex", hex_serial);
+       OPENSSL_free(hex_serial);
 
        add_assoc_asn1_string(return_value, "validFrom",        X509_get_notBefore(cert));
        add_assoc_asn1_string(return_value, "validTo",          X509_get_notAfter(cert));
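Review bot: `str_serial` from `i2s_ASN1_INTEGER(NULL, asn1_serial)` is passed to `add_assoc_string` without a NULL check, unlike `bn_serial` and `hex_serial` a few lines above. That conversion can also fail on allocation error, and the add would then be handed a null pointer. A guard such as `if (!str_serial) { OPENSSL_free(hex_serial); RETURN_FALSE; }` before the add would keep the three conversions consistent. Separately, both `RETURN_FALSE` paths fire after `return_value` already holds the issuer and version entries, so the partly built array appears to be left unreleased there, and possibly `cert` too, depending on how it was obtained outside the hunk. The function body starts and ends outside the hunk.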