From: FdaSilvaYY <fdasilvayy@gmail.com>
Date: Sun, 3 Apr 2016 21:37:58 +0000 (+0200)
Subject: Fix a possible leak on NETSCAPE_SPKI_verify failure.
X-Git-Tag: OpenSSL_1_1_0-pre5~140
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f6c006ea76304a;p=openssl

Fix a possible leak on NETSCAPE_SPKI_verify failure.

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
---

diff --git a/apps/ca.c b/apps/ca.c
index 85766cccbb..cc74c5bd25 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -2071,6 +2071,7 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey,
 
     j = NETSCAPE_SPKI_verify(spki, pktmp);
     if (j <= 0) {
+        EVP_PKEY_free(pktmp);
         BIO_printf(bio_err,
                    "signature verification failed on SPKAC public key\n");
         goto end;