]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
apps/pkeyutl.c: Add OPENSSL_free() to avoid a memory leak
authorJiashengJiang <jiasheng@purdue.edu>
Tue, 22 Apr 2025 13:03:44 +0000 (09:03 -0400)
committerTomas Mraz <tomas@openssl.org>
Tue, 27 May 2025 17:47:17 +0000 (19:47 +0200)
If EVP_PKEY_CTX_ctrl_str() fails, the code jumps to 'end' label without freeing passwd, causing a memory leak.

Fixes: 9d1bf5f7de ("Add option to read pkeyopts interactively")
Signed-off-by: JiashengJiang <jiasheng@purdue.edu>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27470)

apps/pkeyutl.c

index 2d3fd6314476ede51b7626fbdba6697b4c424754..79ad4c6f29f5c05184080affd96d33ec58e969ff 100644 (file)
@@ -426,6 +426,7 @@ int pkeyutl_main(int argc, char **argv)
             if (EVP_PKEY_CTX_ctrl_str(ctx, opt, passwd) <= 0) {
                 BIO_printf(bio_err, "%s: Can't set parameter \"%s\":\n",
                            prog, opt);
+                OPENSSL_free(passwd);
                 goto end;
             }
             OPENSSL_free(passwd);