From 105217c7d58c726f4e646177e0aaefb6115aad3e Mon Sep 17 00:00:00 2001
From: Dmitry Belyavskiy <beldmit@gmail.com>
Date: Tue, 27 Feb 2024 15:22:58 +0100
Subject: [PATCH 48/49] 0118-no-crl-memleak.patch

Patch-name: 0118-no-crl-memleak.patch
Patch-id: 118
Patch-status: |
    # https://github.com/openssl/openssl/issues/23770
---
 crypto/x509/by_file.c                      | 2 ++
 test/recipes/60-test_x509_load_cert_file.t | 3 ++-
 test/x509_load_cert_file_test.c            | 8 +++++++-
 3 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
index 5073c137a2..85923804ac 100644
--- a/crypto/x509/by_file.c
+++ b/crypto/x509/by_file.c
@@ -198,6 +198,8 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
                 goto err;
             }
             count++;
+            X509_CRL_free(x);
+            x = NULL;
         }
     } else if (type == X509_FILETYPE_ASN1) {
         x = d2i_X509_CRL_bio(in, NULL);
diff --git a/test/recipes/60-test_x509_load_cert_file.t b/test/recipes/60-test_x509_load_cert_file.t
index 75aeac362c..e329d7675c 100644
--- a/test/recipes/60-test_x509_load_cert_file.t
+++ b/test/recipes/60-test_x509_load_cert_file.t
@@ -12,4 +12,5 @@ setup("test_load_cert_file");
 
 plan tests => 1;
 
-ok(run(test(["x509_load_cert_file_test", srctop_file("test", "certs", "leaf-chain.pem")])));
+ok(run(test(["x509_load_cert_file_test", srctop_file("test", "certs", "leaf-chain.pem"),
+             srctop_file("test", "certs", "cyrillic_crl.pem")])));
diff --git a/test/x509_load_cert_file_test.c b/test/x509_load_cert_file_test.c
index 4a736071ae..c07d329915 100644
--- a/test/x509_load_cert_file_test.c
+++ b/test/x509_load_cert_file_test.c
@@ -12,6 +12,7 @@
 #include "testutil.h"
 
 static const char *chain;
+static const char *crl;
 
 static int test_load_cert_file(void)
 {
@@ -27,12 +28,15 @@ static int test_load_cert_file(void)
         && TEST_int_eq(sk_X509_num(certs), 4))
         ret = 1;
 
+    if (crl != NULL && !TEST_true(X509_load_crl_file(lookup, crl, X509_FILETYPE_PEM)))
+        ret = 0;
+
     OSSL_STACK_OF_X509_free(certs);
     X509_STORE_free(store);
     return ret;
 }
 
-OPT_TEST_DECLARE_USAGE("cert.pem...\n")
+OPT_TEST_DECLARE_USAGE("cert.pem [crl.pem]\n")
 
 int setup_tests(void)
 {
@@ -45,6 +49,8 @@ int setup_tests(void)
     if (chain == NULL)
         return 0;
 
+    crl = test_get_argument(1);
+
     ADD_TEST(test_load_cert_file);
     return 1;
 }
-- 
2.44.0