From 20c680de9c435534be48fa85b2a975067a4e7c9d Mon Sep 17 00:00:00 2001
From: olszomal
Date: Thu, 30 Nov 2023 12:53:40 +0100
Subject: [PATCH] Fix loading more than one certificate in PEM format in X509_load_cert_file_ex()
Fixes #22895
Reviewed-by: Matt Caswell
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/22885)
---
crypto/x509/by_file.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
index 450bbba053..5073c137a2 100644
--- a/crypto/x509/by_file.c
+++ b/crypto/x509/by_file.c
@@ -128,6 +128,17 @@ int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type,
 count = 0;
 goto err;
 }
+ /*
+ * X509_STORE_add_cert() added a reference rather than a copy,
+ * so we need a fresh X509 object.
+ */
+ X509_free(x);
+ x = X509_new_ex(libctx, propq);
+ if (x == NULL) {
+ ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
+ count = 0;
+ goto err;
+ }
 count++;
 }
 } else if (type == X509_FILETYPE_ASN1) {
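Review bot: The new failure branch after `x = X509_new_ex(libctx, propq);` sets `count = 0` and jumps to `err` even though, per the added comment, X509_STORE_add_cert() has already taken a reference to the certificate just read. The caller is therefore told the load failed while the store still holds that certificate and any added in earlier iterations. A caller that treats a zero return as "nothing was trusted" would be wrong, so the branch should say so, for example `/* certificates already added remain in the store although 0 is returned */`. The replacement object also appears to be allocated after the final certificate in the file, so an allocation failure there would fail an otherwise complete load. Allocating just before the next read would avoid that, but the loop head and the `err` label are outside this hunk, so this needs confirming against the full function.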