From 077beaecd8c845cb46f8c893db0bdd2f7e60c2be Mon Sep 17 00:00:00 2001 From: Kareem Date: Thu, 21 Aug 2025 16:33:57 -0700 Subject: [PATCH] Fix memory leak in unit test, fix for loop syntax. --- src/x509_str.c | 5 +++-- tests/api.c | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/src/x509_str.c b/src/x509_str.c index 72a9118e7..1f0bafafd 100644 --- a/src/x509_str.c +++ b/src/x509_str.c @@ -472,6 +472,7 @@ int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX* ctx) int added = 0; int i = 0; int numInterAdd = 0; + int numFailedCerts = 0; int depth = 0; int origDepth = 0; WOLFSSL_X509 *issuer = NULL; @@ -627,8 +628,8 @@ int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX* ctx) exit: /* Copy back failed certs if verification failed. */ if (ret != WOLFSSL_SUCCESS) { - for (int cnt = 0, total = wolfSSL_sk_X509_num(failedCerts); - cnt < total; cnt++) + numFailedCerts = wolfSSL_sk_X509_num(failedCerts); + for (i = 0; i < numFailedCerts; i++) { wolfSSL_sk_X509_push(certs, wolfSSL_sk_X509_pop(failedCerts)); } diff --git a/tests/api.c b/tests/api.c index 5e336bf11..29c868977 100644 --- a/tests/api.c +++ b/tests/api.c @@ -20390,9 +20390,9 @@ static int test_wolfSSL_X509_STORE_CTX_ex12(void) ExpectNotNull(ctx = X509_STORE_CTX_new()); ExpectIntEQ(X509_STORE_CTX_init(ctx, store, badAkiX509, NULL), 1); ExpectIntEQ(X509_verify_cert(ctx), 0); + X509_STORE_CTX_cleanup(ctx); ExpectIntEQ(X509_STORE_add_cert(store, badAkiX509), 1); - ExpectNotNull(ctx = X509_STORE_CTX_new()); ExpectNotNull(ca1X509 = test_wolfSSL_X509_STORE_CTX_ex_helper(intCA1ECCFile)); ExpectIntEQ(X509_STORE_CTX_init(ctx, store, ca1X509, NULL), 1); ExpectIntEQ(X509_verify_cert(ctx), 1);