crypto\cms\cms_kem.c: Add ASN1_TYPE_free when EVP_CIPHER_param_to_asn1() fails

Signed-off-by: Nachel72 <Nachel72@outlook.com>
CLA: trivial

Reviewed-by: Hugo Landau <hlandau@devever.net>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/28210)

diff --git a/crypto/cms/cms_kem.c b/crypto/cms/cms_kem.c
index ac698099e14fcbc01632769a58823e794537eed5..198a4dab3c258666d23440270c2cb2d1063c1899 100644 (file)
--- a/crypto/cms/cms_kem.c
+++ b/crypto/cms/cms_kem.c
@@ -135,8 +135,11 @@ static int kem_cms_encrypt(CMS_RecipientInfo *ri)
     wrap->parameter = ASN1_TYPE_new();
     if (wrap->parameter == NULL)
         goto err;
-    if (EVP_CIPHER_param_to_asn1(kekctx, wrap->parameter) <= 0)
+    if (EVP_CIPHER_param_to_asn1(kekctx, wrap->parameter) <= 0) {
+        ASN1_TYPE_free(wrap->parameter);
+        wrap->parameter = NULL;
         goto err;
+    }
     if (ASN1_TYPE_get(wrap->parameter) == NID_undef) {
         ASN1_TYPE_free(wrap->parameter);
         wrap->parameter = NULL;