Merge remote-tracking branch 'origin/5.15' into dev

Change-Id: I4134c0c6b6c9911950f58b3b5c86e789d28a185b
author: Qt Forward Merge Bot <qt_forward_merge_bot@qt-project.org> 2019-12-04 01:00:23 +0100
committer: Qt Forward Merge Bot <qt_forward_merge_bot@qt-project.org> 2019-12-04 01:00:23 +0100
commit: 0c29ebe374caad7e29c6a3d35c72c4eddaacc6af (patch)
tree: c6b228302ab37375a82f7bfb535e5bb39d36e624 /src/network/ssl
parent: e5438e8ded27eb6f7f0e85704d6843069296c698 (diff)
parent: 2ed59f0d42d2817a5855be167f5e3ccf23563e39 (diff)
1 files changed, 4 insertions, 8 deletions
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index 489d7a8ee6..f0775ba33b 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -92,6 +92,7 @@
 #endif
 
 #include <algorithm>
+#include <memory>
 
 #include <string.h>
 
@@ -2169,6 +2170,7 @@ QList<QSslError> QSslSocketBackendPrivate::verify(const QList<QSslCertificate> &
         errors << QSslError(QSslError::UnspecifiedError);
         return errors;
     }
+    const std::unique_ptr<X509_STORE, decltype(&q_X509_STORE_free)> storeGuard(certStore, q_X509_STORE_free);
 
     if (s_loadRootCertsOnDemand) {
         setDefaultCaCertificates(defaultCaCertificates() + systemCaCertificates());
@@ -2209,7 +2211,6 @@ QList<QSslError> QSslSocketBackendPrivate::verify(const QList<QSslCertificate> &
         intermediates = (STACK_OF(X509) *) q_OPENSSL_sk_new_null();
 
         if (!intermediates) {
-            q_X509_STORE_free(certStore);
             errors << QSslError(QSslError::UnspecifiedError);
             return errors;
         }
@@ -2227,14 +2228,12 @@ QList<QSslError> QSslSocketBackendPrivate::verify(const QList<QSslCertificate> &
 
     X509_STORE_CTX *storeContext = q_X509_STORE_CTX_new();
     if (!storeContext) {
-        q_X509_STORE_free(certStore);
         errors << QSslError(QSslError::UnspecifiedError);
         return errors;
     }
+    std::unique_ptr<X509_STORE_CTX, decltype(&q_X509_STORE_CTX_free)> ctxGuard(storeContext, q_X509_STORE_CTX_free);
 
     if (!q_X509_STORE_CTX_init(storeContext, certStore, reinterpret_cast<X509 *>(certificateChain[0].handle()), intermediates)) {
-        q_X509_STORE_CTX_free(storeContext);
-        q_X509_STORE_free(certStore);
         errors << QSslError(QSslError::UnspecifiedError);
         return errors;
     }
@@ -2243,8 +2242,7 @@ QList<QSslError> QSslSocketBackendPrivate::verify(const QList<QSslCertificate> &
     // We ignore the result of this function since we process errors via the
     // callback.
     (void) q_X509_verify_cert(storeContext);
-
-    q_X509_STORE_CTX_free(storeContext);
+    ctxGuard.reset();
     q_OPENSSL_sk_free((OPENSSL_STACK *)intermediates);
 
     // Now process the errors
@@ -2266,8 +2264,6 @@ QList<QSslError> QSslSocketBackendPrivate::verify(const QList<QSslCertificate> &
     for (const auto &error : qAsConst(lastErrors))
         errors << _q_OpenSSL_to_QSslError(error.code, certificateChain.value(error.depth));
 
-    q_X509_STORE_free(certStore);
-
     return errors;
 }
author	Qt Forward Merge Bot <qt_forward_merge_bot@qt-project.org>	2019-12-04 01:00:23 +0100
committer	Qt Forward Merge Bot <qt_forward_merge_bot@qt-project.org>	2019-12-04 01:00:23 +0100
commit	0c29ebe374caad7e29c6a3d35c72c4eddaacc6af (patch)
tree	c6b228302ab37375a82f7bfb535e5bb39d36e624 /src/network/ssl
parent	e5438e8ded27eb6f7f0e85704d6843069296c698 (diff)
parent	2ed59f0d42d2817a5855be167f5e3ccf23563e39 (diff)