From: sashan <anedvedicky@gmail.com>
Date: Wed, 22 May 2024 04:40:41 +0000 (+0200)
Subject: Fix potential memory leak in OSSL_IETF_ATTR_SYNTAX_add1_value()
X-Git-Tag: openssl-3.4.0-alpha1~504
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=cfaa79f837968cdf1b988e0f39cf2c31179c5740;p=thirdparty%2Fopenssl.git

Fix potential memory leak in OSSL_IETF_ATTR_SYNTAX_add1_value()

The function may leak memory if it deals with an unknown type.
Issue reported by LuMingYinDetect.

Fixes #24452

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24454)
---

diff --git a/crypto/x509/x_ietfatt.c b/crypto/x509/x_ietfatt.c
index 08db0bafc72..14197602805 100644
--- a/crypto/x509/x_ietfatt.c
+++ b/crypto/x509/x_ietfatt.c
@@ -174,6 +174,7 @@ int OSSL_IETF_ATTR_SYNTAX_add1_value(OSSL_IETF_ATTR_SYNTAX *a, int type,
         val->u.string = data;
         break;
     default:
+        OSSL_IETF_ATTR_SYNTAX_VALUE_free(val);
         ERR_raise(ERR_LIB_X509V3, ERR_R_PASSED_INVALID_ARGUMENT);
         return 0;
     }