wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 18:57:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6894 from julek-wolfssl/fix-possible-hang

Browse Source 
Fix static analyzer possible leak
This commit is contained in:
András Fekete
2023-10-24 09:13:58 -04:00
committed by GitHub
parent a74228b5b0 dc5a246fdd
commit 5da7efacc9
2 changed files with 20 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
certs/ocsp/renewcerts.sh
View File

@ -1,5 +1,14 @@
#!/bin/sh #!/bin/sh
# bwrap execution environment to avoid port conflicts
if [ "${AM_BWRAPPED-}" != "yes" ]; then
bwrap_path="$(command -v bwrap)"
if [ -n "$bwrap_path" ]; then
export AM_BWRAPPED=yes
exec "$bwrap_path" --cap-add ALL --unshare-net --dev-bind / / "$0" "$@"
fi
fi
check_result(){ check_result(){
if [ $1 -ne 0 ]; then if [ $1 -ne 0 ]; then
if [ -n "$2" ]; then if [ -n "$2" ]; then

18
src/crl.c
View File

@ -221,8 +221,12 @@ static void CRL_Entry_free(CRL_Entry* crle, void* heap)
/* Free all CRL resources */ /* Free all CRL resources */
void FreeCRL(WOLFSSL_CRL* crl, int dynamic) void FreeCRL(WOLFSSL_CRL* crl, int dynamic)
{ {
CRL_Entry* tmp = crl->crlList; CRL_Entry* tmp;
if (crl == NULL)
return;
tmp = crl->crlList;
WOLFSSL_ENTER("FreeCRL"); WOLFSSL_ENTER("FreeCRL");
if (crl->monitors[0].path) if (crl->monitors[0].path)
XFREE(crl->monitors[0].path, crl->heap, DYNAMIC_TYPE_CRL_MONITOR); XFREE(crl->monitors[0].path, crl->heap, DYNAMIC_TYPE_CRL_MONITOR);
@ -829,6 +833,7 @@ static int DupX509_CRL(WOLFSSL_X509_CRL *dupl, const WOLFSSL_X509_CRL* crl)
int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *store, WOLFSSL_X509_CRL *newcrl) int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *store, WOLFSSL_X509_CRL *newcrl)
{ {
WOLFSSL_X509_CRL *crl; WOLFSSL_X509_CRL *crl;
int ret = 0;
WOLFSSL_ENTER("wolfSSL_X509_STORE_add_crl"); WOLFSSL_ENTER("wolfSSL_X509_STORE_add_crl");
if (store == NULL || newcrl == NULL || store->cm == NULL) if (store == NULL || newcrl == NULL || store->cm == NULL)
@ -837,20 +842,19 @@ int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *store, WOLFSSL_X509_CRL *newc
if (store->cm->crl == NULL) { if (store->cm->crl == NULL) {
crl = wolfSSL_X509_crl_new(store->cm); crl = wolfSSL_X509_crl_new(store->cm);
if (crl == NULL) { if (crl == NULL) {
WOLFSSL_MSG("wolfSSL_X509_crl_new failed");
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
if (wc_LockRwLock_Rd(&newcrl->crlLock) != 0) { if (wc_LockRwLock_Rd(&newcrl->crlLock) != 0) {
WOLFSSL_MSG("wc_LockRwLock_Rd failed"); WOLFSSL_MSG("wc_LockRwLock_Rd failed");
return BAD_MUTEX_E; return BAD_MUTEX_E;
} }
if (DupX509_CRL(crl, newcrl) != 0) { ret = DupX509_CRL(crl, newcrl);
if (crl != NULL) { wc_UnLockRwLock(&newcrl->crlLock);
wc_UnLockRwLock(&newcrl->crlLock); if (ret != 0) {
FreeCRL(crl, 1); FreeCRL(crl, 1);
}
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
wc_UnLockRwLock(&newcrl->crlLock);
store->crl = store->cm->crl = crl; store->crl = store->cm->crl = crl;
if (wolfSSL_CertManagerEnableCRL(store->cm, WOLFSSL_CRL_CHECKALL) if (wolfSSL_CertManagerEnableCRL(store->cm, WOLFSSL_CRL_CHECKALL)
!= WOLFSSL_SUCCESS) { != WOLFSSL_SUCCESS) {