x509: Fix leak if there is an empty CDP
authorTobias Brunner <tobias@strongswan.org>
Wed, 29 Mar 2017 09:16:34 +0000 (11:16 +0200)
committerTobias Brunner <tobias@strongswan.org>
Tue, 23 May 2017 16:29:11 +0000 (18:29 +0200)
src/libstrongswan/plugins/x509/x509_cert.c

index 7068853..3027e43 100644 (file)
@@ -818,10 +818,12 @@ static void add_cdps(linked_list_t *list, linked_list_t *uris,
        enumerator_t *enumerator;
        x509_cdp_t *cdp;
        char *uri;
+       int len;
 
        while (uris->remove_last(uris, (void**)&id) == SUCCESS)
        {
-               if (asprintf(&uri, "%Y", id) > 0)
+               len = asprintf(&uri, "%Y", id);
+               if (len > 0)
                {
                        if (issuers->get_count(issuers))
                        {
@@ -845,6 +847,10 @@ static void add_cdps(linked_list_t *list, linked_list_t *uris,
                                list->insert_last(list, cdp);
                        }
                }
+               else if (!len)
+               {
+                       free(uri);
+               }
                id->destroy(id);
        }
        while (issuers->remove_last(issuers, (void**)&id) == SUCCESS)