]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1717fd9) | patch
Fix potential memory leak in PKCS7_signatureVerify()
authorNiels Dossche <7771979+nielsdos@users.noreply.github.com>
Wed, 2 Oct 2024 19:53:52 +0000 (21:53 +0200)
committerTomas Mraz <tomas@openssl.org>
Mon, 7 Oct 2024 15:56:17 +0000 (17:56 +0200)
commit138b494d3e128e38b5f5fec9751e9d99eaf3fef2
tree9b0a0707ab34b62e711f15e6214205f694e23278tree | snapshot
parent1717fd985821e71c62300ef26e4f652fa394b545commit | diff
Fix potential memory leak in PKCS7_signatureVerify()

Fixes #25594

The code jumps to an error block when EVP_VerifyUpdate fails.
This error block does not free abuf.
In the success path the abuf memory is freed.
Move the free operation to the error block.

CLA: trivial

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25596)

(cherry picked from commit d8b7a6eae9383fced785b9f4e2f24da0dc0a082d)
crypto/pkcs7/pk7_doit.c diff | blob | blame | history
Mirror of https://github.com/openssl/openssl.git