> Hi All,
>
> >From OpenSSL RT:
> http://rt.openssl.org/Ticket/Display.html?id=3278&user=guest&pass=guest
>
> len can be 0 as well, and in which case, memory isn't freed.
Correct. If successful, data is actually a malloc(len + 1), thus if
len == 0, we leak a \0 byte...
> Patch from Frantisek Boranek:
>
> Index: lib/libssl/src/crypto/pkcs12/p12_kiss.c
> ===================================================================
> RCS file: /cvs/src/lib/libssl/src/crypto/pkcs12/p12_kiss.c,v
> retrieving revision 1.12
> diff -u -p -u -p -r1.12 p12_kiss.c
> --- lib/libssl/src/crypto/pkcs12/p12_kiss.c 17 Apr 2014 13:37:49 -0000
> 1.12
> +++ lib/libssl/src/crypto/pkcs12/p12_kiss.c 4 Jun 2014 09:08:37 -0000
> @@ -269,7 +269,7 @@ static int parse_bag(PKCS12_SAFEBAG *bag
> int len, r;
> unsigned char *data;
> len = ASN1_STRING_to_UTF8(&data, fname);
> - if(len > 0) {
> + if(len >= 0) {
> r = X509_alias_set1(x509, data, len);
> free(data);
> if (!r)
>
