certtool: eliminated memory leaks due to new cert loading code

2 files changed, 16 insertions, 3 deletions

diff --git a/src/certtool-common.c b/src/certtool-common.c
index 7cf5581d20..e092ef20b6 100644
--- a/src/certtool-common.c
+++ b/src/certtool-common.c
@@ -358,11 +358,19 @@ load_x509_private_key(int mand, common_info_st * info)
 gnutls_x509_crt_t load_cert(int mand, common_info_st * info)
 {
 	gnutls_x509_crt_t *crt;
-	size_t size;
+	gnutls_x509_crt_t ret_crt;
+	size_t size, i;
 
 	crt = load_cert_list(mand, &size, info);
+	if (crt) {
+		ret_crt = crt[0];
+		for (i=1;i<size;i++)
+			gnutls_x509_crt_deinit(crt[i]);
+		gnutls_free(crt);
+		return ret_crt;
+	}
 
-	return crt ? crt[0] : NULL;
+	return NULL;
 }
 
 /* Loads a certificate list
diff --git a/src/certtool.c b/src/certtool.c
index afb69d66ac..4467514393 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -659,7 +659,9 @@ generate_crl(gnutls_x509_crt_t ca_crt, common_info_st * cinfo)
 				gnutls_strerror(result));
 			exit(1);
 		}
+		gnutls_x509_crt_deinit(crts[i]);
 	}
+	gnutls_free(crts);
 
 	result = gnutls_x509_crl_set_this_update(crl, now);
 	if (result < 0) {
@@ -933,6 +935,7 @@ static void generate_signed_crl(common_info_st * cinfo)
 
 	gnutls_privkey_deinit(ca_key);
 	gnutls_x509_crl_deinit(crl);
+	gnutls_x509_crt_deinit(ca_crt);
 }
 
 static void update_signed_certificate(common_info_st * cinfo)
@@ -3003,6 +3006,7 @@ void pkcs7_generate(common_info_st * cinfo)
 		}
 		gnutls_x509_crt_deinit(crts[i]);
 	}
+	gnutls_free(crts);
 
 	for (i=0;i<crl_size;i++) {
 		ret = gnutls_pkcs7_set_crl(pkcs7, crls[i]);
@@ -3012,6 +3016,7 @@ void pkcs7_generate(common_info_st * cinfo)
 		}
 		gnutls_x509_crl_deinit(crls[i]);
 	}
+	gnutls_free(crls);
 
 	ret =
 	    gnutls_pkcs7_export2(pkcs7, outcert_format, &tmp);
@@ -3289,7 +3294,7 @@ void generate_pkcs12(common_info_st * cinfo)
 	}
 
 	fwrite(lbuffer, 1, size, outfile);
-
+	gnutls_free(crts);
 }
 
 static const char *BAGTYPE(gnutls_pkcs12_bag_type_t x)