fix(pkcs12): prevent PKCS7 memleak in p12_npas.c
authorNachel72 <Nachel72@outlook.com>
Mon, 18 Aug 2025 07:53:48 +0000 (15:53 +0800)
committerTodd Short <todd.short@me.com>
Fri, 22 Aug 2025 16:51:27 +0000 (12:51 -0400)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/28292)

crypto/pkcs12/p12_npas.c

index 37abb3821d4b358a643b9c747493b0fe457142fe..b1320f793bc1c18341a3565bc0dab6f84840be70 100644 (file)
@@ -62,7 +62,8 @@ static int newpass_p12(PKCS12 *p12, const char *oldpass, const char *newpass)
     STACK_OF(PKCS7) *asafes = NULL, *newsafes = NULL;
     STACK_OF(PKCS12_SAFEBAG) *bags = NULL;
     int i, bagnid, pbe_nid = 0, pbe_iter = 0, pbe_saltlen = 0, cipherid = NID_undef;
-    PKCS7 *p7, *p7new;
+    PKCS7 *p7;
+    PKCS7 *p7new = NULL;
     ASN1_OCTET_STRING *p12_data_tmp = NULL, *macoct = NULL;
     unsigned char mac[EVP_MAX_MD_SIZE];
     unsigned int maclen;
@@ -99,8 +100,10 @@ static int newpass_p12(PKCS12 *p12, const char *oldpass, const char *newpass)
             p7new = PKCS12_pack_p7encdata_ex(pbe_nid, newpass, -1, NULL,
                                              pbe_saltlen, pbe_iter, bags,
                                              p7->ctx.libctx, p7->ctx.propq);
-        if (p7new == NULL || !sk_PKCS7_push(newsafes, p7new))
+        if (p7new == NULL || !sk_PKCS7_push(newsafes, p7new)) {
+            PKCS7_free(p7new);
             goto err;
+        }
         sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
         bags = NULL;
     }
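Review bot: The failure branch at `if (p7new == NULL || !sk_PKCS7_push(newsafes, p7new))` relies on two ownership facts that are not written down: `PKCS7_free(NULL)` is a no-op, and a failed push leaves `p7new` owned by this function rather than by `newsafes`. A one-line comment above `PKCS7_free(p7new);`, such as `/* nothing built, or push failed: newsafes did not take ownership */`, would make that explicit. After a successful push, `p7new` still holds the pointer while `newsafes` owns the object. Adding `p7new = NULL;` next to `bags = NULL;` would keep the `= NULL` initializer from the first hunk meaningful, and would guard against a double free if the free is ever moved to the `err` label. The loop header and the `err` cleanup are outside the hunk, so this assumes `newsafes` is released there.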