]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1dbef6c) | patch
Fix potential memory leak in PKCS7_signatureVerify()
authorNiels Dossche <7771979+nielsdos@users.noreply.github.com>
Wed, 2 Oct 2024 19:53:52 +0000 (21:53 +0200)
committerTomas Mraz <tomas@openssl.org>
Mon, 7 Oct 2024 15:56:32 +0000 (17:56 +0200)
commitf27af2898d892839d8ff6f7ceaf74299032ca6fb
tree91771482027811ace35e7def0e575098a02a1088tree | snapshot
parent1dbef6c9a65348d63a37a4c6f8738b263269a889commit | diff
Fix potential memory leak in PKCS7_signatureVerify()

Fixes #25594

The code jumps to an error block when EVP_VerifyUpdate fails.
This error block does not free abuf.
In the success path the abuf memory is freed.
Move the free operation to the error block.

CLA: trivial

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25596)

(cherry picked from commit d8b7a6eae9383fced785b9f4e2f24da0dc0a082d)
crypto/pkcs7/pk7_doit.c diff | blob | blame | history
Mirror of https://github.com/openssl/openssl.git