Free data if sk_OPENSSL_STRING_push fails.

Fixes #26203 Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/26227)
2024-12-20 15:45:53 +01:00 · 2024-12-20 15:45:53 +01:00 · 2457fc4816
commit 2457fc4816
parent dfce0d7418
2 changed files with 12 additions and 2 deletions
--- a/crypto/x509/by_store.c
+++ b/crypto/x509/by_store.c
@ -122,7 +122,11 @@ static int by_store_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argp,
                uris = sk_OPENSSL_STRING_new_null();
                X509_LOOKUP_set_method_data(ctx, uris);
            }
-            return sk_OPENSSL_STRING_push(uris, data) > 0;
+            if (sk_OPENSSL_STRING_push(uris, data) <= 0) {
+                OPENSSL_free(data);
+                return 0;
+            }
+            return 1;
        }
        /* NOP if no URI is given. */
        return 1;
--- a/test/evp_test.c
+++ b/test/evp_test.c
@ -202,7 +202,13 @@ static int ctrladd(STACK_OF(OPENSSL_STRING) *controls, const char *value)

    if (data == NULL)
        return -1;
-    return sk_OPENSSL_STRING_push(controls, data) > 0;
+
+    if (sk_OPENSSL_STRING_push(controls, data) <= 0) {
+        OPENSSL_free(data);
+        return -1;
+    }
+
+    return 1;
 }

 /* Because OPENSSL_free is a macro, it can't be passed as a function pointer */