Change handling of atypical OpenSSL error case in x509 verification.

src/file_analysis/analyzer/x509/functions.bif

@@ -215,9 +215,17 @@ function x509_verify%(certs: x509_opaque_vector, root_certs: table_string_of_str
 			X509* currcert = sk_X509_value(chain, i);
 
 			if ( currcert )
-				chainVector->Assign(i, new file_analysis::X509Val(currcert)); // X509Val takes ownership
+				// X509Val takes ownership of currcert.
+				chainVector->Assign(i, new file_analysis::X509Val(currcert));
 			else
+				{
 				reporter->InternalWarning("OpenSSL returned null certificate");
+
+				for ( int j = i + 1; i < num_certs; ++j )
+					X509_free(sk_X509_value(chain, j));
+
+				break;
+				}
 			}
 
 		sk_X509_free(chain);