git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
BUG/MEDIUM: acme: free() of i2d_X509_REQ() with AWS-LC
author William Lallemand <wlallemand@haproxy.com>
Mon, 29 Sep 2025 11:28:11 +0000 (13:28 +0200)
committer William Lallemand <wlallemand@haproxy.com>
Mon, 29 Sep 2025 11:46:51 +0000 (13:46 +0200)
When using AWS-LC, the free() of the data ptr resulting from
i2d_X509_REQ() might crash, because it uses the free() of the libc
instead of OPENSSL_free().

It does not seem to be a problem on OpenSSL builds.

Must be backported in 3.2.

src/acme.c

index a745884ef488d0956837897ab3ad3db89657a0b0..e302b986539260f18ae286724317985359a73254 100644 (file)
@@ -1317,7 +1317,7 @@ int acme_req_finalize(struct task *task, struct acme_ctx *ctx, char **errmsg)
        csr->data = ret;
 
        chunk_printf(req_in, "{ \"csr\": \"%.*s\" }", (int)csr->data, csr->area);
-       free(data);
+       OPENSSL_free(data);
 
 
        if (acme_jws_payload(req_in, ctx->nonce, ctx->finalize, ctx->cfg->account.pkey, ctx->kid, req_out, errmsg) != 0)
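
Review bot: the switch to `OPENSSL_free(data)` covers only this one release after `chunk_printf()`; if `data` is also released anywhere else in `acme_req_finalize()`, for example on an error path outside this hunk, that call needs the same change or the AWS-LC crash described in the commit message remains reachable there. A one-line comment above the call saying that the buffer was allocated by `i2d_X509_REQ()` and so must go back through the library's allocator would stop a later cleanup from turning it back into `free()`. As a style point, the two consecutive blank lines left after the call could be reduced to one while this line is being touched.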