From: Neil Horman <nhorman@openssl.org>
Date: Fri, 2 Feb 2024 13:20:50 +0000 (-0500)
Subject: Coverity found the following issues:
X-Git-Tag: openssl-3.3.1~45
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=27504de59586a23862f2f29e0d640b51d43ff24a;p=thirdparty%2Fopenssl.git

Coverity found the following issues:

1591471
1591474
1591476

which pertain to memory leaks in the conf_mod code

If an error is encountered after the module STACK_OF is duplicated or
created in the new_modules variable, we need to remember to free it in
the error path

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24337)
---

diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index 7efb9820545..a19575af37f 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -368,6 +368,7 @@ static CONF_MODULE *module_add(DSO *dso, const char *name,
 
  err:
     ossl_rcu_write_unlock(module_list_lock);
+    sk_CONF_MODULE_free(new_modules);
     if (tmod != NULL) {
         OPENSSL_free(tmod->name);
         OPENSSL_free(tmod);
@@ -466,6 +467,7 @@ static int module_init(CONF_MODULE *pmod, const char *name, const char *value,
 
     if (!sk_CONF_IMODULE_push(new_modules, imod)) {
         ossl_rcu_write_unlock(module_list_lock);
+        sk_CONF_IMODULE_free(new_modules);
         ERR_raise(ERR_LIB_CONF, ERR_R_CRYPTO_LIB);
         goto err;
     }