From 08f6ae5b2896a22e1e16de3e363d1ea314700b0b Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Wed, 24 Aug 2016 11:22:47 +0100 Subject: [PATCH] Fix some resource leaks in the apps Reviewed-by: Tim Hudson --- apps/cms.c | 15 +++++++++++++++ apps/req.c | 4 ++++ apps/spkac.c | 4 +++- apps/x509.c | 4 ++++ 4 files changed, 26 insertions(+), 1 deletion(-) diff --git a/apps/cms.c b/apps/cms.c index 52186d2c03..9c41a97ec5 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -412,6 +412,11 @@ int cms_main(int argc, char **argv) noout = print = 1; break; case OPT_SECRETKEY: + if (secret_key != NULL) { + /* Cannot be supplied twice */ + BIO_printf(bio_err, "Invalid key %s\n", opt_arg()); + goto opthelp; + } secret_key = OPENSSL_hexstr2buf(opt_arg(), <mp); if (secret_key == NULL) { BIO_printf(bio_err, "Invalid key %s\n", opt_arg()); @@ -420,6 +425,11 @@ int cms_main(int argc, char **argv) secret_keylen = (size_t)ltmp; break; case OPT_SECRETKEYID: + if (secret_keyid != NULL) { + /* Cannot be supplied twice */ + BIO_printf(bio_err, "Invalid id %s\n", opt_arg()); + goto opthelp; + } secret_keyid = OPENSSL_hexstr2buf(opt_arg(), <mp); if (secret_keyid == NULL) { BIO_printf(bio_err, "Invalid id %s\n", opt_arg()); @@ -431,6 +441,11 @@ int cms_main(int argc, char **argv) pwri_pass = (unsigned char *)opt_arg(); break; case OPT_ECONTENT_TYPE: + if (econtent_type != NULL) { + /* Cannot be supplied twice */ + BIO_printf(bio_err, "Invalid OID %s\n", opt_arg()); + goto opthelp; + } econtent_type = OBJ_txt2obj(opt_arg(), 0); if (econtent_type == NULL) { BIO_printf(bio_err, "Invalid OID %s\n", opt_arg()); diff --git a/apps/req.c b/apps/req.c index 2666124546..fb37f7dfec 100644 --- a/apps/req.c +++ b/apps/req.c @@ -295,6 +295,10 @@ int req_main(int argc, char **argv) days = atoi(opt_arg()); break; case OPT_SET_SERIAL: + if (serial != NULL) { + /* Cannot be supplied twice */ + goto opthelp; + } serial = s2i_ASN1_INTEGER(NULL, opt_arg()); if (serial == NULL) goto opthelp; diff --git a/apps/spkac.c b/apps/spkac.c index b6fc46dfc2..a365406d7a 100644 --- a/apps/spkac.c +++ b/apps/spkac.c @@ -130,8 +130,10 @@ int spkac_main(int argc, char **argv) spkstr = NETSCAPE_SPKI_b64_encode(spki); out = bio_open_default(outfile, 'w', FORMAT_TEXT); - if (out == NULL) + if (out == NULL) { + OPENSSL_free(spkstr); goto end; + } BIO_printf(out, "SPKAC=%s\n", spkstr); OPENSSL_free(spkstr); ret = 0; diff --git a/apps/x509.c b/apps/x509.c index 05aa5547cd..9e5101259f 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -261,6 +261,10 @@ int x509_main(int argc, char **argv) CAserial = opt_arg(); break; case OPT_SET_SERIAL: + if (sno != NULL) { + /* Cannot be supplied twice */ + goto opthelp; + } if ((sno = s2i_ASN1_INTEGER(NULL, opt_arg())) == NULL) goto opthelp; break;