Fix a possible memleak in PKCS7_add_attrib_smimecap

When PKCS7_add_signed_attribute fails, the ASN1_STRING object may be leaked. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22744)
2025-01-18 13:44:20 +08:00 · 2023-11-15 20:32:59 +01:00 · 2023-11-15 20:32:59 +01:00 · ed3d277127
commit ed3d277127
parent e4a94bcc77
1 changed files with 6 additions and 2 deletions
--- a/crypto/pkcs7/pk7_attr.c
+++ b/crypto/pkcs7/pk7_attr.c
@ -28,8 +28,12 @@ int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
    }
    seq->length = ASN1_item_i2d((ASN1_VALUE *)cap, &seq->data,
                                ASN1_ITEM_rptr(X509_ALGORS));
-    return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities,
+    if (!PKCS7_add_signed_attribute(si, NID_SMIMECapabilities,
-                                      V_ASN1_SEQUENCE, seq);
+                                    V_ASN1_SEQUENCE, seq)) {
        ASN1_STRING_free(seq);
        return 0;
    }
    return 1;
 }
 STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si)