]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 95a3662)
Fixes some memory leaks when errors occur in ossl_cmp_rp_new().
authorFrederik Wedel-Heinen <frederik.wedel-heinen@dencrypt.dk>
Sat, 21 Dec 2024 14:32:32 +0000 (15:32 +0100)
committerTomas Mraz <tomas@openssl.org>
Mon, 27 Jan 2025 07:17:27 +0000 (08:17 +0100)
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26235)

crypto/cmp/cmp_msg.c patch | blob | blame | history

diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c
index f57597b817f00926e044d05dad49b0d45765f36e..a0b3fb0aea0faebfc66756793dac0498b8d4bc59 100644 (file)
--- a/crypto/cmp/cmp_msg.c
+++ b/crypto/cmp/cmp_msg.c
@@ -593,23 +593,20 @@ OSSL_CMP_MSG *ossl_cmp_rp_new(OSSL_CMP_CTX *ctx, const OSSL_CMP_PKISI *si,
         goto err;
     rep = msg->body->value.rp;
 
-    if ((si1 = OSSL_CMP_PKISI_dup(si)) == NULL)
+    if ((si1 = OSSL_CMP_PKISI_dup(si)) == NULL
+            || !sk_OSSL_CMP_PKISI_push(rep->status, si1))
         goto err;
 
-    if (!sk_OSSL_CMP_PKISI_push(rep->status, si1)) {
-        OSSL_CMP_PKISI_free(si1);
-        goto err;
-    }
+    si1 = NULL; /* ownership transferred to rep->status */
 
     if ((rep->revCerts = sk_OSSL_CRMF_CERTID_new_null()) == NULL)
         goto err;
     if (cid != NULL) {
-        if ((cid_copy = OSSL_CRMF_CERTID_dup(cid)) == NULL)
-            goto err;
-        if (!sk_OSSL_CRMF_CERTID_push(rep->revCerts, cid_copy)) {
-            OSSL_CRMF_CERTID_free(cid_copy);
+        if ((cid_copy = OSSL_CRMF_CERTID_dup(cid)) == NULL
+                || !sk_OSSL_CRMF_CERTID_push(rep->revCerts, cid_copy))
             goto err;
-        }
+
+        cid_copy = NULL; /* ownership transferred to rep->revCerts */
     }
 
     if (!unprotectedErrors
@@ -621,6 +618,8 @@ OSSL_CMP_MSG *ossl_cmp_rp_new(OSSL_CMP_CTX *ctx, const OSSL_CMP_PKISI *si,
 
  err:
     ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_CREATING_RP);
+    OSSL_CMP_PKISI_free(si1);
+    OSSL_CRMF_CERTID_free(cid_copy);
     OSSL_CMP_MSG_free(msg);
     return NULL;
 }
Mirror of https://github.com/openssl/openssl.git