OpenSSL: Fix OCSP error path

If addition of a peer issuer certificate fails, the certs pointer would
be NULL when being passed to sk_X509_push() for peer issuer's issuer.
Fix this by skipping addition of issuer's issue if issuer addition
fails.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2015-02-19 13:32:05 +02:00 committed by Jouni Malinen
parent bd7bb43784
commit 710dfb4e32

View file

@ -3167,7 +3167,7 @@ static int ocsp_resp_cb(SSL *s, void *arg)
sk_X509_free(certs);
certs = NULL;
}
if (conn->peer_issuer_issuer) {
if (certs && conn->peer_issuer_issuer) {
cert = X509_dup(conn->peer_issuer_issuer);
if (cert && !sk_X509_push(certs, cert)) {
tls_show_errors(