Fix some resource leaks in the apps

Reviewed-by: Tim Hudson <tjh@openssl.org>
7 years ago · 08f6ae5b28
parent c74aea8d6c
commit 08f6ae5b28
4 changed files with 26 additions and 1 deletions
--- a/apps/cms.c
+++ b/apps/cms.c
@ -412,6 +412,11 @@ int cms_main(int argc, char **argv)
            noout = print = 1;
            break;
        case OPT_SECRETKEY:
+            if (secret_key != NULL) {
+                /* Cannot be supplied twice */
+                BIO_printf(bio_err, "Invalid key %s\n", opt_arg());
+                goto opthelp;
+            }
            secret_key = OPENSSL_hexstr2buf(opt_arg(), &ltmp);
            if (secret_key == NULL) {
                BIO_printf(bio_err, "Invalid key %s\n", opt_arg());
@ -420,6 +425,11 @@ int cms_main(int argc, char **argv)
            secret_keylen = (size_t)ltmp;
            break;
        case OPT_SECRETKEYID:
+            if (secret_keyid != NULL) {
+                /* Cannot be supplied twice */
+                BIO_printf(bio_err, "Invalid id %s\n", opt_arg());
+                goto opthelp;
+            }
            secret_keyid = OPENSSL_hexstr2buf(opt_arg(), &ltmp);
            if (secret_keyid == NULL) {
                BIO_printf(bio_err, "Invalid id %s\n", opt_arg());
@ -431,6 +441,11 @@ int cms_main(int argc, char **argv)
            pwri_pass = (unsigned char *)opt_arg();
            break;
        case OPT_ECONTENT_TYPE:
+            if (econtent_type != NULL) {
+                /* Cannot be supplied twice */
+                BIO_printf(bio_err, "Invalid OID %s\n", opt_arg());
+                goto opthelp;
+            }
            econtent_type = OBJ_txt2obj(opt_arg(), 0);
            if (econtent_type == NULL) {
                BIO_printf(bio_err, "Invalid OID %s\n", opt_arg());
--- a/apps/req.c
+++ b/apps/req.c
@ -295,6 +295,10 @@ int req_main(int argc, char **argv)
            days = atoi(opt_arg());
            break;
        case OPT_SET_SERIAL:
+            if (serial != NULL) {
+                /* Cannot be supplied twice */
+                goto opthelp;
+            }
            serial = s2i_ASN1_INTEGER(NULL, opt_arg());
            if (serial == NULL)
                goto opthelp;
--- a/apps/spkac.c
+++ b/apps/spkac.c
@ -130,8 +130,10 @@ int spkac_main(int argc, char **argv)
        spkstr = NETSCAPE_SPKI_b64_encode(spki);

        out = bio_open_default(outfile, 'w', FORMAT_TEXT);
-        if (out == NULL)
+        if (out == NULL) {
+            OPENSSL_free(spkstr);
            goto end;
+        }
        BIO_printf(out, "SPKAC=%s\n", spkstr);
        OPENSSL_free(spkstr);
        ret = 0;
--- a/apps/x509.c
+++ b/apps/x509.c
@ -261,6 +261,10 @@ int x509_main(int argc, char **argv)
            CAserial = opt_arg();
            break;
        case OPT_SET_SERIAL:
+            if (sno != NULL) {
+                /* Cannot be supplied twice */
+                goto opthelp;
+            }
            if ((sno = s2i_ASN1_INTEGER(NULL, opt_arg())) == NULL)
                goto opthelp;
            break;