mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-21 01:15:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix memleak in rsa_cms_sign error path

Browse Source 
If the call to X509_ALGOR_set0 fails then the allocated ASN1_STRING
variable passed as parameter leaks.  Fix by explicitly freeing like
how all other codepaths with X509_ALGOR_set0 do.

Fixes #22680

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24868)
This commit is contained in:
Daniel Gustafsson 2024-07-12 20:49:16 +02:00 committed by Tomas Mraz
parent 2bb83824bb
commit 5efc57caf2
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
crypto/cms/cms_rsa.c
View File

@ -222,7 +222,10 @@ static int rsa_cms_sign(CMS_SignerInfo *si)
os = ossl_rsa_ctx_to_pss_string(pkctx);
if (os == NULL)
return 0;
return X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_PKEY_RSA_PSS), V_ASN1_SEQUENCE, os);
if (X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_PKEY_RSA_PSS), V_ASN1_SEQUENCE, os))
return 1;
ASN1_STRING_free(os);
return 0;
}
params[0] = OSSL_PARAM_construct_octet_string(