From 0d9d75b124880ee5a3aeb5c2af92a04340c02bef Mon Sep 17 00:00:00 2001
From: Xin LI <delphij@FreeBSD.org>
Date: Tue, 2 Apr 2013 17:34:42 +0000
Subject: Fix OpenSSL multiple vulnerabilities. [13:03]

Fix BIND remote denial of service. [13:04]

Security:	CVE-2013-0166, CVE-2013-0169
Security:	FreeBSD-SA-13:03.openssl
Security:	CVE-2013-2266
Security:	FreeBSD-SA-13:04.bind
Approved by:	so
---
 crypto/openssl/apps/apps.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'crypto/openssl/apps/apps.c')

diff --git a/crypto/openssl/apps/apps.c b/crypto/openssl/apps/apps.c
index a4b77e13e3ad..f9fe9a2af1c5 100644
--- a/crypto/openssl/apps/apps.c
+++ b/crypto/openssl/apps/apps.c
@@ -2052,7 +2052,7 @@ X509_NAME *parse_name(char *subject, long chtype, int multirdn)
 	X509_NAME *n = NULL;
 	int nid;
 
-	if (!buf || !ne_types || !ne_values)
+	if (!buf || !ne_types || !ne_values || !mval)
 		{
 		BIO_printf(bio_err, "malloc error\n");
 		goto error;
@@ -2156,6 +2156,7 @@ X509_NAME *parse_name(char *subject, long chtype, int multirdn)
 	OPENSSL_free(ne_values);
 	OPENSSL_free(ne_types);
 	OPENSSL_free(buf);
+	OPENSSL_free(mval);
 	return n;
 
 error:
@@ -2164,6 +2165,8 @@ error:
 		OPENSSL_free(ne_values);
 	if (ne_types)
 		OPENSSL_free(ne_types);
+	if (mval)
+		OPENSSL_free(mval);
 	if (buf)
 		OPENSSL_free(buf);
 	return NULL;
-- 
cgit v1.2.3