Andre Guibert de Bruet fixed a memory leak when PKCS #12 parsing failed

3 files changed, 3 insertions, 1 deletions

diff --git a/CHANGES b/CHANGES
index 00d8543a6..258ab845d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,7 +9,7 @@ Daniel S (22 May 2007)
 - Andre Guibert de Bruet fixed a memory leak in the function that verifies the
   peer's name in the SSL certificate when built for OpenSSL. The leak happens
   for libcurls with CURL_DOES_CONVERSIONS enabled that fail to convert the CN
-  name from UTF8.
+  name from UTF8. He also fixed a leak when PKCS #12 parsing failed.
 
 Daniel S (18 May 2007)
 - Feng Tu reported that curl -w did wrong on TFTP transfers in bug report
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 9c18d9fdf..4aba1bc69 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -46,6 +46,7 @@ This release includes the following bugfixes:
  o TFTP connect timouts less than 5 seconds
  o improved curl -w for TFTP transfers
  o memory leak when failed OpenSSL certificate CN field checking
+ o memory leak when OpenSSL failed PKCS #12 parsing
 
 This release includes the following known bugs:
 
diff --git a/lib/ssluse.c b/lib/ssluse.c
index 76c3bd846..19412877c 100644
--- a/lib/ssluse.c
+++ b/lib/ssluse.c
@@ -377,6 +377,7 @@ int cert_stuff(struct connectdata *conn,
         failf(data,
               "could not parse PKCS12 file, check password, OpenSSL error %s",
               ERR_error_string(ERR_get_error(), NULL) );
+        PKCS12_free(p12);
         return 0;
       }