Merge branch 'fix/RA/v4.7.0-coverity' of https://github.com/DKubasekRA/wolfssl into fix/RA/v4.7.0-coverity

2021-03-04 18:26:20 +01:00 · 2021-03-04 18:26:20 +01:00 · ea243e0906
commit ea243e0906
parent d5cd9c4a7f 027f05e349
2 changed files with 6 additions and 1 deletions
--- a/src/ocsp.c
+++ b/src/ocsp.c
@ -608,8 +608,10 @@ WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id(
        XMEMCPY(derCert->buffer, issuer->derCert->buffer,
                issuer->derCert->length);
        ret = AddCA(cm, &derCert, WOLFSSL_USER_CA, 1);
-        if (ret != WOLFSSL_SUCCESS)
+        if (ret != WOLFSSL_SUCCESS) {
+            wolfSSL_CertManagerFree(cm);
            return NULL;
+        }
    }

    certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(WOLFSSL_OCSP_CERTID), NULL,
--- a/src/ssl.c
+++ b/src/ssl.c
@ -8531,6 +8531,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
            NO_VERIFY, NULL) < 0) {
        WOLFSSL_MSG("\tCertificate parsing failed");
        wolfSSL_X509_EXTENSION_free(ext);
+        FreeDecodedCert(&cert);
        return NULL;
    }

@ -9551,6 +9552,7 @@ int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509* x509, int nid, int lastPos)
            CA_TYPE,
            NO_VERIFY, NULL) < 0) {
        WOLFSSL_MSG("\tCertificate parsing failed");
+        FreeDecodedCert(&cert);
        return WOLFSSL_FATAL_ERROR;
    }

@ -18296,6 +18298,7 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_set_peer_cert_chain(WOLFSSL* ssl)
        x509 = wolfSSL_X509_new();
        if (x509 == NULL) {
            WOLFSSL_MSG("Error Creating X509");
+            wolfSSL_sk_X509_free(sk);
            return NULL;
        }
        ret = DecodeToX509(x509, ssl->session.chain.certs[i].buffer,