The latest release of OpenSSL has a piece of code with a small issue,
in tree_init().

See below. The second 'if' check was meant for tree->levels, I presume.
Needs to be corrected.

>     tree = OPENSSL_malloc(sizeof(X509_POLICY_TREE));
>     if (!tree)
>         return 0;
>     tree->flags = 0;
>     tree->levels = OPENSSL_malloc(sizeof(X509_POLICY_LEVEL) * n);
>     tree->nlevel = 0;
>     tree->extra_data = NULL;
>     tree->auth_policies = NULL;
>     tree->user_policies = NULL;
>
>     if (!tree)
>         {
>         OPENSSL_free(tree);
>         return 0;
>         }
>


Thanks.
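
The check described in the report above, written out as an added example (not part of the original post and not OpenSSL's code). The types, the failing test allocator and the names tree_init_checked and run_case are assumptions made for illustration; the allocator lets the second allocation fail on demand so the error path can be exercised and checked for leaks.

```c
#include <stdlib.h>
/* Stand-in types for illustration; not OpenSSL's real definitions. */
typedef struct { int depth; } policy_level;
typedef struct { policy_level *levels; int nlevel; unsigned flags; } policy_tree;

/* Hypothetical test allocator: call number fail_at fails; live_blocks counts unfreed blocks. */
static int alloc_calls, fail_at, live_blocks;

static void *test_malloc(size_t n)
{
    void *p = (++alloc_calls == fail_at) ? NULL : malloc(n);
    if (p) live_blocks++;
    return p;
}

static void test_free(void *p)
{
    if (p) live_blocks--;
    free(p);
}

/* Returns 1 and sets *ptree on success, 0 if either allocation fails. */
static int tree_init_checked(policy_tree **ptree, size_t n)
{
    policy_tree *tree = test_malloc(sizeof(*tree));
    if (!tree)
        return 0;
    tree->flags = 0;
    tree->nlevel = 0;
    tree->levels = test_malloc(sizeof(policy_level) * n);
    if (!tree->levels) {        /* test the pointer that was just assigned */
        test_free(tree);        /* release the outer block before bailing out */
        return 0;
    }
    *ptree = tree;
    return 1;
}

/* Runs one init where allocation number fail_call fails (0 = none). */
static int run_case(int fail_call, size_t n)
{
    policy_tree *tree = NULL;
    alloc_calls = 0; fail_at = fail_call; live_blocks = 0;
    int ok = tree_init_checked(&tree, n);
    if (ok) { test_free(tree->levels); test_free(tree); }
    return ok;
}

int main(void) { return !(run_case(0, 4) && !run_case(2, 4) && live_blocks == 0); }
```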