aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatarLibravatar daurnimator <quae@daurnimator.com> 2017-04-03 19:29:42 +1000
committerLibravatarLibravatar daurnimator <quae@daurnimator.com> 2017-04-03 19:29:42 +1000
commite9feb9dd6c8e87544d2f891e4a1e7b9d7f0264ad (patch)
tree7752be57e4a012147a8eb4d1bfab62813f824574
parent4dcda3a009e3f56ea37dac44f9d891b1903d8742 (diff)
downloadluaossl-e9feb9dd6c8e87544d2f891e4a1e7b9d7f0264ad.tar.gz
luaossl-e9feb9dd6c8e87544d2f891e4a1e7b9d7f0264ad.tar.bz2
luaossl-e9feb9dd6c8e87544d2f891e4a1e7b9d7f0264ad.zip
Don't leak ctx on error
Fixes #72
-rw-r--r--src/openssl.c13
1 files changed, 5 insertions, 8 deletions
diff --git a/src/openssl.c b/src/openssl.c
index 2b363d5..dc67d8a 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -7328,7 +7328,7 @@ static int xs_verify(lua_State *L) {
X509 *crt = checksimple(L, 2, X509_CERT_CLASS);
STACK_OF(X509) *chain = NULL, **proof;
X509_STORE_CTX *ctx = NULL;
- int nr = 0, ok, why;
+ int ok, why;
/* pre-allocate space for a successful return */
lua_settop(L, 3);
@@ -7363,27 +7363,24 @@ static int xs_verify(lua_State *L) {
case 1: /* verified */
if (!(*proof = X509_STORE_CTX_get1_chain(ctx)))
goto eossl;
+ X509_STORE_CTX_free(ctx);
lua_pushboolean(L, 1);
lua_pushvalue(L, -2);
- nr = 2;
- break;
+ return 2;
case 0: /* not verified */
why = X509_STORE_CTX_get_error(ctx);
+ X509_STORE_CTX_free(ctx);
lua_pushboolean(L, 0);
lua_pushstring(L, X509_verify_cert_error_string(why));
- nr = 2;
- break;
+ return 2;
default:
goto eossl;
}
- X509_STORE_CTX_free(ctx);
-
- return nr;
eossl:
if (ctx)
X509_STORE_CTX_free(ctx);