]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 17dd9a2)
Fix a possible memleak in SRP_VBASE_new
authorBernd Edlinger <bernd.edlinger@hotmail.de>
Wed, 6 Sep 2023 12:06:52 +0000 (14:06 +0200)
committerTomas Mraz <tomas@openssl.org>
Fri, 8 Sep 2023 07:20:23 +0000 (09:20 +0200)
In the error handling case the memory in
vb->users_pwd was accidentally not released.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21981)

crypto/srp/srp_vfy.c patch | blob | blame | history

diff --git a/crypto/srp/srp_vfy.c b/crypto/srp/srp_vfy.c
index 72ef5e814e68cdbaee29a9cb208b1e4433d0100e..2ca515396b7189ec49904a0e5845a8f9e1fefce8 100644 (file)
--- a/crypto/srp/srp_vfy.c
+++ b/crypto/srp/srp_vfy.c
@@ -281,6 +281,7 @@ SRP_VBASE *SRP_VBASE_new(char *seed_key)
         return NULL;
     if ((vb->users_pwd = sk_SRP_user_pwd_new_null()) == NULL
         || (vb->gN_cache = sk_SRP_gN_cache_new_null()) == NULL) {
+        sk_SRP_user_pwd_free(vb->users_pwd);
         OPENSSL_free(vb);
         return NULL;
     }
A mirror of the official openssl repository