Fix a couple other leaks on failure in X509_verify_cert. If get_issuer fails, some of these calls return rather than jumping to common cleanup code. Change-Id: Iacd59747fb11e9bfaae86f2eeed88798ee08203e Reviewed-on: https://boringssl-review.googlesource.com/5711 Reviewed-by: Adam Langley <agl@google.com>

commit: 8745865451a26c2bca339f316304de41838b4f91 [log] [tgz]
author: David Benjamin <davidben@chromium.org> Fri Aug 14 12:24:02 2015 -0400
committer: Adam Langley <agl@google.com> Mon Aug 17 20:35:10 2015 +0000
tree: 58e0bb290b4f118b5ff0a845a912ebc406699975
parent: a6ee3de08eea8c9eb645d90b6f265c1ffa8c0064 [diff]
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 4545d9d..c22ad34 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c

@@ -252,7 +252,7 @@
 			{
 			ok = ctx->get_issuer(&xtmp, ctx, x);
 			if (ok < 0)
-				return ok;
+				goto end;
 			/* If successful for now free up cert so it
 			 * will be picked up again later.
 			 */
@@ -350,7 +350,7 @@
 
 		ok = ctx->get_issuer(&xtmp, ctx, x);
 
-		if (ok < 0) return ok;
+		if (ok < 0) goto end;
 		if (ok == 0) break;
 
 		x = xtmp;
commit	8745865451a26c2bca339f316304de41838b4f91	[log] [tgz]
author	David Benjamin <davidben@chromium.org>	Fri Aug 14 12:24:02 2015 -0400
committer	Adam Langley <agl@google.com>	Mon Aug 17 20:35:10 2015 +0000
tree	58e0bb290b4f118b5ff0a845a912ebc406699975
parent	a6ee3de08eea8c9eb645d90b6f265c1ffa8c0064 [diff]