From: Niels Dossche Subject: [PATCH] libressl: fix memory leak in x509_name_encode on error To: tech@openbsd.org Date: Wed, 19 Mar 2025 13:47:24 +0100 Hi This patch fixes a memory leak when an error occurs in x509_name_encode in libressl. This issue was found via an experimental static analyzer I'm working on, and I manually read the code to verify whether this is a real bug or not. --------------------------------------------------------------------------- diff --git lib/libcrypto/asn1/x_name.c lib/libcrypto/asn1/x_name.c index 7bacd833404..b472ec88c74 100644 --- lib/libcrypto/asn1/x_name.c +++ lib/libcrypto/asn1/x_name.c @@ -414,8 +414,10 @@ x509_name_encode(X509_NAME *a) if (!entries) goto memerr; if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, - entries)) + entries)) { + sk_X509_NAME_ENTRY_free(entries); goto memerr; + } set = entry->set; } if (entries == NULL /* if entry->set is bogusly -1 */ ||
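
Review bot: In the new failure branch of the sk_STACK_OF_X509_NAME_ENTRY_push() check, entries is released with sk_X509_NAME_ENTRY_free() but the pointer is left dangling when control jumps to memerr. The memerr label lies outside this hunk, so it cannot be confirmed from these lines that nothing there reads or frees entries again. Adding "entries = NULL;" after the free would make the branch safe either way. Also note that sk_X509_NAME_ENTRY_free() releases only the stack container, not its elements. That is the right call only if entries is still empty here, which the "if (!entries) goto memerr;" check directly above suggests. A one-line comment stating that the stack is freshly allocated and that ownership was not transferred to intname.s would make that intent explicit.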