From: Andy Polyakov <appro@openssl.org>
Date: Sat, 14 Oct 2017 08:21:19 +0000 (+0200)
Subject: x509v3/v3_utl.c: avoid double-free.
X-Git-Tag: OpenSSL_1_1_0g~18
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f32a0a951dc8ea3a4c8c4a76e5b3a32f03c47e3d;p=openssl

x509v3/v3_utl.c: avoid double-free.

Thanks to David Benjamin for spotting this.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4532)

(cherry picked from commit 432f8688bb72e21939845ac7a69359ca718c6676)

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/4514)
---

diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c
index adc1552490..d9cc7c7cd6 100644
--- a/crypto/x509v3/v3_utl.c
+++ b/crypto/x509v3/v3_utl.c
@@ -55,8 +55,10 @@ int X509V3_add_value(const char *name, const char *value,
     return 1;
  err:
     X509V3err(X509V3_F_X509V3_ADD_VALUE, ERR_R_MALLOC_FAILURE);
-    if (sk_allocated)
+    if (sk_allocated) {
         sk_CONF_VALUE_free(*extlist);
+        *extlist = NULL;
+    }
     OPENSSL_free(vtmp);
     OPENSSL_free(tname);
     OPENSSL_free(tvalue);