openssl3/SOURCES/0118-no-crl-memleak.patch

From 105217c7d58c726f4e646177e0aaefb6115aad3e Mon Sep 17 00:00:00 2001
From: Dmitry Belyavskiy <beldmit@gmail.com>
Date: Tue, 27 Feb 2024 15:22:58 +0100
Subject: [PATCH 48/49] 0118-no-crl-memleak.patch

Patch-name: 0118-no-crl-memleak.patch
Patch-id: 118
Patch-status: |
    # https://github.com/openssl/openssl/issues/23770
---
 crypto/x509/by_file.c                      | 2 ++
 test/recipes/60-test_x509_load_cert_file.t | 3 ++-
 test/x509_load_cert_file_test.c            | 8 +++++++-
 3 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
index 5073c137a2..85923804ac 100644
--- a/crypto/x509/by_file.c
+++ b/crypto/x509/by_file.c
@@ -198,6 +198,8 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
                 goto err;
             }
             count++;
+            X509_CRL_free(x);
+            x = NULL;
         }
     } else if (type == X509_FILETYPE_ASN1) {
         x = d2i_X509_CRL_bio(in, NULL);
diff --git a/test/recipes/60-test_x509_load_cert_file.t b/test/recipes/60-test_x509_load_cert_file.t
index 75aeac362c..e329d7675c 100644
--- a/test/recipes/60-test_x509_load_cert_file.t
+++ b/test/recipes/60-test_x509_load_cert_file.t
@@ -12,4 +12,5 @@ setup("test_load_cert_file");
 
 plan tests => 1;
 
-ok(run(test(["x509_load_cert_file_test", srctop_file("test", "certs", "leaf-chain.pem")])));
+ok(run(test(["x509_load_cert_file_test", srctop_file("test", "certs", "leaf-chain.pem"),
+             srctop_file("test", "certs", "cyrillic_crl.pem")])));
diff --git a/test/x509_load_cert_file_test.c b/test/x509_load_cert_file_test.c
index 4a736071ae..c07d329915 100644
--- a/test/x509_load_cert_file_test.c
+++ b/test/x509_load_cert_file_test.c
@@ -12,6 +12,7 @@
 #include "testutil.h"
 
 static const char *chain;
+static const char *crl;
 
 static int test_load_cert_file(void)
 {
@@ -27,12 +28,15 @@ static int test_load_cert_file(void)
         && TEST_int_eq(sk_X509_num(certs), 4))
         ret = 1;
 
+    if (crl != NULL && !TEST_true(X509_load_crl_file(lookup, crl, X509_FILETYPE_PEM)))
+        ret = 0;
+
     OSSL_STACK_OF_X509_free(certs);
     X509_STORE_free(store);
     return ret;
 }
 
-OPT_TEST_DECLARE_USAGE("cert.pem...\n")
+OPT_TEST_DECLARE_USAGE("cert.pem [crl.pem]\n")
 
 int setup_tests(void)
 {
@@ -45,6 +49,8 @@ int setup_tests(void)
     if (chain == NULL)
         return 0;
 
+    crl = test_get_argument(1);
+
     ADD_TEST(test_load_cert_file);
     return 1;
 }
-- 
2.44.0
import openssl3-3.2.1-1.1.el8 7 months ago			`From 105217c7d58c726f4e646177e0aaefb6115aad3e Mon Sep 17 00:00:00 2001`
			`From: Dmitry Belyavskiy <beldmit@gmail.com>`
			`Date: Tue, 27 Feb 2024 15:22:58 +0100`
			`Subject: [PATCH 48/49] 0118-no-crl-memleak.patch`

			`Patch-name: 0118-no-crl-memleak.patch`
			`Patch-id: 118`
			`Patch-status: \|`
			`# https://github.com/openssl/openssl/issues/23770`
			`---`
			`crypto/x509/by_file.c \| 2 ++`
			`test/recipes/60-test_x509_load_cert_file.t \| 3 ++-`
			`test/x509_load_cert_file_test.c \| 8 +++++++-`
			`3 files changed, 11 insertions(+), 2 deletions(-)`

			`diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c`
			`index 5073c137a2..85923804ac 100644`
			`--- a/crypto/x509/by_file.c`
			`+++ b/crypto/x509/by_file.c`
			`@@ -198,6 +198,8 @@ int X509_load_crl_file(X509_LOOKUP ctx, const char file, int type)`
			`goto err;`
			`}`
			`count++;`
			`+ X509_CRL_free(x);`
			`+ x = NULL;`
			`}`
			`} else if (type == X509_FILETYPE_ASN1) {`
			`x = d2i_X509_CRL_bio(in, NULL);`
			`diff --git a/test/recipes/60-test_x509_load_cert_file.t b/test/recipes/60-test_x509_load_cert_file.t`
			`index 75aeac362c..e329d7675c 100644`
			`--- a/test/recipes/60-test_x509_load_cert_file.t`
			`+++ b/test/recipes/60-test_x509_load_cert_file.t`
			`@@ -12,4 +12,5 @@ setup("test_load_cert_file");`

			`plan tests => 1;`

			`-ok(run(test(["x509_load_cert_file_test", srctop_file("test", "certs", "leaf-chain.pem")])));`
			`+ok(run(test(["x509_load_cert_file_test", srctop_file("test", "certs", "leaf-chain.pem"),`
			`+ srctop_file("test", "certs", "cyrillic_crl.pem")])));`
			`diff --git a/test/x509_load_cert_file_test.c b/test/x509_load_cert_file_test.c`
			`index 4a736071ae..c07d329915 100644`
			`--- a/test/x509_load_cert_file_test.c`
			`+++ b/test/x509_load_cert_file_test.c`
			`@@ -12,6 +12,7 @@`
			`#include "testutil.h"`

			`static const char *chain;`
			`+static const char *crl;`

			`static int test_load_cert_file(void)`
			`{`
			`@@ -27,12 +28,15 @@ static int test_load_cert_file(void)`
			`&& TEST_int_eq(sk_X509_num(certs), 4))`
			`ret = 1;`

			`+ if (crl != NULL && !TEST_true(X509_load_crl_file(lookup, crl, X509_FILETYPE_PEM)))`
			`+ ret = 0;`
			`+`
			`OSSL_STACK_OF_X509_free(certs);`
			`X509_STORE_free(store);`
			`return ret;`
			`}`

			`-OPT_TEST_DECLARE_USAGE("cert.pem...\n")`
			`+OPT_TEST_DECLARE_USAGE("cert.pem [crl.pem]\n")`

			`int setup_tests(void)`
			`{`
			`@@ -45,6 +49,8 @@ int setup_tests(void)`
			`if (chain == NULL)`
			`return 0;`

			`+ crl = test_get_argument(1);`
			`+`
			`ADD_TEST(test_load_cert_file);`
			`return 1;`
			`}`
			`--`
			`2.44.0`