mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-18 13:44:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix a possible memleak in CMS_sign_receipt

Browse Source 
When an error happens after cms_encode_Receipt
the ASN1_OCTET_STRING object "os" may be leaked.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22758)
This commit is contained in:
Bernd Edlinger 2023-11-17 07:12:42 +01:00 committed by Richard Levitte
parent ed3d277127
commit 3e3aadd51c
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/cms/cms_smime.c
View File

@ -560,7 +560,7 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
{ {
CMS_SignerInfo *rct_si; CMS_SignerInfo *rct_si;
CMS_ContentInfo *cms = NULL; CMS_ContentInfo *cms = NULL;
ASN1_OCTET_STRING **pos, *os; ASN1_OCTET_STRING **pos, *os = NULL;
BIO *rct_cont = NULL; BIO *rct_cont = NULL;
int r = 0; int r = 0;
const CMS_CTX *ctx = si->cms_ctx; const CMS_CTX *ctx = si->cms_ctx;
@ -622,6 +622,7 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
if (r) if (r)
return cms; return cms;
CMS_ContentInfo_free(cms); CMS_ContentInfo_free(cms);
ASN1_OCTET_STRING_free(os);
return NULL; return NULL;
} }