min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Ensure we call X509_STORE_CTX_cleanup on error path too (#360) 

As X509_STORE_CTX_init may fail after setting some values
that should outlive the store context, we must ensure we
clean things up on its error path too.

We also know it's always ok to call X509_STORE_CTX_cleanupas X509_STORE_CTX_init starts with a call to it.
This commit is contained in:
Anthony Ramine 2025-06-02 16:40:44 +02:00 committed by GitHub
parent 6789a72fc0
commit 15975ddde4
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
boring/src/x509/mod.rs
View File

@ -130,14 +130,15 @@ impl X509StoreContextRef {
} }
unsafe { unsafe {
let cleanup = Cleanup(self);
cvt(ffi::X509_STORE_CTX_init( cvt(ffi::X509_STORE_CTX_init(
self.as_ptr(), cleanup.0.as_ptr(),
trust.as_ptr(), trust.as_ptr(),
cert.as_ptr(), cert.as_ptr(),
cert_chain.as_ptr(), cert_chain.as_ptr(),
))?; ))?;
let cleanup = Cleanup(self);
with_context(cleanup.0) with_context(cleanup.0)
} }
} }