Merge pull request #7808 from Laboratory-for-Safe-and-Secure-Systems/preTBS_memory_leak

Fix memory leak in wc_GeneratePreTBS()

src/x509.c

@@ -7521,20 +7521,12 @@ int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out)
 int wc_GeneratePreTBS(DecodedCert* cert, byte *der, int derSz) {
     int ret = 0;
     WOLFSSL_X509 *x = NULL;
-    byte certOwnsAltNames = 0;
     byte certIsCSR = 0;
 
     if ((cert == NULL) || (der == NULL) || (derSz <= 0)) {
         return BAD_FUNC_ARG;
     }
 
-    /* The call to CopyDecodedToX509() transfers ownership of the altNames in
-     * the DecodedCert to the temporary X509 object, causing the list to be
-     * freed in wolfSSL_X509_free(). As this is an unintended side-effect, we
-     * have to save the ownerFlag here and transfer ownership back to the
-     * DecodedCert prior to freeing the X509 object. */
-    certOwnsAltNames = cert->weOwnAltNames;
-
 #ifdef WOLFSSL_CERT_REQ
     certIsCSR = cert->isCSR;
 #endif
@@ -7547,9 +7539,6 @@ int wc_GeneratePreTBS(DecodedCert* cert, byte *der, int derSz) {
         ret = CopyDecodedToX509(x, cert);
     }
 
-    /* CopyDecodedToX509() clears cert->weOwnAltNames. Restore it. */
-    cert->weOwnAltNames = certOwnsAltNames;
-
     if (ret == 0) {
         /* Remove the altsigval extension. */
         XFREE(x->altSigValDer, x->heap, DYNAMIC_TYPE_X509_EXT);
@@ -7565,9 +7554,6 @@ int wc_GeneratePreTBS(DecodedCert* cert, byte *der, int derSz) {
     }
 
     if (x != NULL) {
-        /* Safe the altNames list from being freed unitentionally. */
-        x->altNames = NULL;
-
         wolfSSL_X509_free(x);
     }