Handle NULL return from os_zalloc() in sta_track_add()

[mech_eap.git] / src / utils / http_curl.c

diff --git a/src/utils/http_curl.c b/src/utils/http_curl.c
index 9be0111..a06aae8 100644 (file)
--- a/src/utils/http_curl.c
+++ b/src/utils/http_curl.c
@@ -857,10 +857,8 @@ static void parse_cert(struct http_ctx *ctx, struct http_cert *hcert,
        os_memset(hcert, 0, sizeof(*hcert));
 
        *names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
-       if (*names) {
+       if (*names)
                add_alt_names(ctx, hcert, *names);
-               sk_GENERAL_NAME_pop_free(*names, GENERAL_NAME_free);
-       }
 
        add_logotype_ext(ctx, hcert, cert);
 }
@@ -1216,6 +1214,7 @@ static int ocsp_resp_cb(SSL *s, void *arg)
                wpa_printf(MSG_INFO, "OpenSSL: Could not find current server certificate from OCSP response%s",
                           (ctx->ocsp == MANDATORY_OCSP) ? "" :
                           " (OCSP not required)");
+               OCSP_CERTID_free(id);
                OCSP_BASICRESP_free(basic);
                OCSP_RESPONSE_free(rsp);
                if (ctx->ocsp == MANDATORY_OCSP)
@@ -1223,6 +1222,7 @@ static int ocsp_resp_cb(SSL *s, void *arg)
                        ctx->last_err = "Could not find current server certificate from OCSP response";
                return (ctx->ocsp == MANDATORY_OCSP) ? 0 : 1;
        }
+       OCSP_CERTID_free(id);
 
        if (!OCSP_check_validity(this_update, next_update, 5 * 60, -1)) {
                tls_show_errors(__func__, "OpenSSL: OCSP status times invalid");