[x509] Fix some memory leaks when using OpenSSL APIs

Author: c-jimenez

src/tools/x509/Certificate.cpp

@@ -249,6 +249,7 @@ void Certificate::convertCertificateRequest(void* request, const void* issuer, v
     // Set the public key
     EVP_PKEY* public_key = X509_REQ_get_pubkey(cert_request);
     X509_set_pubkey(cert, public_key);
+    EVP_PKEY_free(public_key);
 
     // Set the extensions
     STACK_OF(X509_EXTENSION)* extensions = X509_REQ_get_extensions(cert_request);
@@ -278,7 +279,7 @@ void Certificate::convertCertificateRequest(void* request, const void* issuer, v
         if (val)
         {
             X509_add1_ext_i2d(cert, NID_issuer_alt_name, val, crit, 0);
-            OPENSSL_free(val);
+            sk_GENERAL_NAME_pop_free((STACK_OF(GENERAL_NAME)*)val, GENERAL_NAME_free);
         }
     }
 
@@ -388,13 +389,11 @@ void Certificate::readInfos(Certificate& certificate)
             {
                 void* ext                                              = X509_get_ext_d2i(cert, NID_issuer_alt_name, nullptr, nullptr);
                 certificate.m_x509v3_extensions.issuer_alternate_names = convertGeneralNames(ext);
-                OPENSSL_free(ext);
             }
             else if (extension_obj_nid == NID_subject_alt_name)
             {
                 void* ext                                               = X509_get_ext_d2i(cert, NID_subject_alt_name, nullptr, nullptr);
                 certificate.m_x509v3_extensions.subject_alternate_names = convertGeneralNames(ext);
-                OPENSSL_free(ext);
             }
             else if (extension_obj_nid == NID_basic_constraints)
             {
@@ -411,7 +410,7 @@ void Certificate::readInfos(Certificate& certificate)
                                 static_cast<unsigned int>(ASN1_INTEGER_get(basic_constraint->pathlen));
                         }
                     }
-                    OPENSSL_free(basic_constraint);
+                    BASIC_CONSTRAINTS_free(basic_constraint);
                 }
             }
             else

src/tools/x509/X509Document.cpp

@@ -174,10 +174,10 @@ std::string X509Document::convertX509Name(const void* px509_name)
 }
 
 /** @brief Convert a list of strings in GENERAL_NAMES format to a standard vector of strings representation */
-std::vector<std::string> X509Document::convertGeneralNames(const void* pgeneral_names)
+std::vector<std::string> X509Document::convertGeneralNames(void* pgeneral_names)
 {
     std::vector<std::string> names;
-    const STACK_OF(GENERAL_NAME)* general_names = reinterpret_cast<const STACK_OF(GENERAL_NAME)*>(pgeneral_names);
+    STACK_OF(GENERAL_NAME)* general_names = reinterpret_cast<STACK_OF(GENERAL_NAME)*>(pgeneral_names);
 
     int names_count = sk_GENERAL_NAME_num(general_names);
     for (int i = 0; i < names_count; i++)
@@ -216,6 +216,8 @@ std::vector<std::string> X509Document::convertGeneralNames(const void* pgeneral_
         }
     }
 
+    sk_GENERAL_NAME_pop_free(general_names, GENERAL_NAME_free);
+
     return names;
 }
 

src/tools/x509/X509Document.h

@@ -232,7 +232,7 @@ class X509Document
     /** @brief Convert a string in X509_NAME format to a standard string representation */
     static std::string convertX509Name(const void* px509_name);
     /** @brief Convert a list of strings in GENERAL_NAMES format to a standard vector of strings representation */
-    static std::vector<std::string> convertGeneralNames(const void* pgeneral_names);
+    static std::vector<std::string> convertGeneralNames(void* pgeneral_names);
     /** @brief Parse a subject's string */
     static void parseSubjectString(const void* px509_name, Subject& subject);
 };