diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2000-03-02 00:37:53 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2000-03-02 00:37:53 +0000 |
| commit | 582e5929243183b8ba21514b7c198d70359e4734 (patch) | |
| tree | 741bf9b6399c727449d9c6d9596906b18161214f /crypto/x509/x509_vfy.c | |
| parent | 8782a426278dbbd3499a38003acc8a8efe6dce3c (diff) | |
| download | openssl-582e5929243183b8ba21514b7c198d70359e4734.tar.gz | |
Fix bug which would free up a public key
twice if the verify callback tried to
continue after a signature failure.
Diffstat (limited to 'crypto/x509/x509_vfy.c')
| -rw-r--r-- | crypto/x509/x509_vfy.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 4fdff54124..8563f65695 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -436,11 +436,14 @@ static int internal_verify(X509_STORE_CTX *ctx) } if (X509_verify(xs,pkey) <= 0) { - EVP_PKEY_free(pkey); ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE; ctx->current_cert=xs; ok=(*cb)(0,ctx); - if (!ok) goto end; + if (!ok) + { + EVP_PKEY_free(pkey); + goto end; + } } EVP_PKEY_free(pkey); pkey=NULL; |