Fix PKCS7 memory leak

Commit f0e0fd51f was a bit over-zealous in removing a call to X509_STORE_CTX_cleanup(). The call in question was in a loop and was required to cleanup resources used on each iteration of the loop. Removing this resulted in a memory leak. Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Matt Caswell <matt@openssl.org> 2016-04-18 11:35:34 +0200
committer: Matt Caswell <matt@openssl.org> 2016-04-18 15:59:23 +0200
commit: 36c6f0ad0f1464d47493309c24e2275af7f09c1e (patch)
tree: 23eb9a503bda128828969591cf3be738032515d7 /crypto
parent: Make string_to_hex/hex_to_string public (diff)
download: openssl-36c6f0ad0f1464d47493309c24e2275af7f09c1e.tar.xz
openssl-36c6f0ad0f1464d47493309c24e2275af7f09c1e.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c
index b146f68137..7c2d5c9895 100644
--- a/crypto/pkcs7/pk7_smime.c
+++ b/crypto/pkcs7/pk7_smime.c
@@ -328,6 +328,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
             i = X509_verify_cert(cert_ctx);
             if (i <= 0)
                 j = X509_STORE_CTX_get_error(cert_ctx);
+            X509_STORE_CTX_cleanup(cert_ctx);
             if (i <= 0) {
                 PKCS7err(PKCS7_F_PKCS7_VERIFY,
                          PKCS7_R_CERTIFICATE_VERIFY_ERROR);
author	Matt Caswell <matt@openssl.org>	2016-04-18 11:35:34 +0200
committer	Matt Caswell <matt@openssl.org>	2016-04-18 15:59:23 +0200
commit	36c6f0ad0f1464d47493309c24e2275af7f09c1e (patch)
tree	23eb9a503bda128828969591cf3be738032515d7 /crypto
parent	Make string_to_hex/hex_to_string public (diff)
download	openssl-36c6f0ad0f1464d47493309c24e2275af7f09c1e.tar.xz openssl-36c6f0ad0f1464d47493309c24e2275af7f09c1e.zip