From 86b5434dccca514cd4e7f91296b6bb080e7b6e70 Mon Sep 17 00:00:00 2001 From: Radim Smat Date: Thu, 4 Mar 2021 10:45:49 +0100 Subject: [PATCH 1/4] Fixed CID 587342. --- src/ssl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/ssl.c b/src/ssl.c index 2d68a0d4f..d5971c734 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -8531,6 +8531,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) NO_VERIFY, NULL) < 0) { WOLFSSL_MSG("\tCertificate parsing failed"); wolfSSL_X509_EXTENSION_free(ext); + FreeDecodedCert(&cert); return NULL; } From dbaf5456949c361833e41091cc564340206c80d2 Mon Sep 17 00:00:00 2001 From: Radim Smat Date: Thu, 4 Mar 2021 11:08:25 +0100 Subject: [PATCH 2/4] Fixed CID 587348 and CID 587349. --- src/ssl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/ssl.c b/src/ssl.c index d5971c734..af3cb613c 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -9552,6 +9552,7 @@ int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509* x509, int nid, int lastPos) CA_TYPE, NO_VERIFY, NULL) < 0) { WOLFSSL_MSG("\tCertificate parsing failed"); + FreeDecodedCert(&cert); return WOLFSSL_FATAL_ERROR; } From f056601d2643b1e23b57c9423cfc43536d75209e Mon Sep 17 00:00:00 2001 From: Radim Smat Date: Thu, 4 Mar 2021 11:16:40 +0100 Subject: [PATCH 3/4] Fixed CID 587549. --- src/ssl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/ssl.c b/src/ssl.c index af3cb613c..0593a3218 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -18298,6 +18298,7 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_set_peer_cert_chain(WOLFSSL* ssl) x509 = wolfSSL_X509_new(); if (x509 == NULL) { WOLFSSL_MSG("Error Creating X509"); + wolfSSL_sk_X509_free(sk); return NULL; } ret = DecodeToX509(x509, ssl->session.chain.certs[i].buffer, From 027f05e34946602f6c07834701026f6f5632ed10 Mon Sep 17 00:00:00 2001 From: Radim Smat Date: Thu, 4 Mar 2021 13:40:45 +0100 Subject: [PATCH 4/4] Fixed CID 583215. --- src/ocsp.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/ocsp.c b/src/ocsp.c index efb86f37c..427c1a34c 100644 --- a/src/ocsp.c +++ b/src/ocsp.c @@ -608,8 +608,10 @@ WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id( XMEMCPY(derCert->buffer, issuer->derCert->buffer, issuer->derCert->length); ret = AddCA(cm, &derCert, WOLFSSL_USER_CA, 1); - if (ret != WOLFSSL_SUCCESS) + if (ret != WOLFSSL_SUCCESS) { + wolfSSL_CertManagerFree(cm); return NULL; + } } certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(WOLFSSL_OCSP_CERTID), NULL,