1. In crypto/x509v3/v3_cpols.c/r2i_certpol(...) the variable vals need
to be freed if error occured too:
...
sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
return pols;
err:
+ sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
sk_POLICYINFO_pop_free(pols, POLICYINFO_free);
return NULL;
}
2. If parse failed, r2i_certpol return empty policy info without error.
pols = sk_POLICYINFO_new_null();
- vals = X509V3_parse_list(value);
+ if((vals = X509V3_parse_list(value)) == NULL) goto err;
ia5org = 0;
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
