Created attachment 38208 [details] 0001-modules-ssl-ssl_engine_init-Add-check-for-X509_STORE_CTX_init.patch As the potential failure of the X509_STORE_CTX_init(), for example there is no lock, the 'sctx' could fail to initialize. Therefore, it should be better to check X509_STORE_CTX_init() and return error if fails.
Created attachment 38212 [details] Free sctx and sk I think also sk should be freed in this case.
OK, that's right. Need I submit a new patch, or directly using your 'attachment 38212 [details]'?
Committed in r1898410.