]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e3c6227) | patch
Fix potential memory leak in PKCS7_signatureVerify()
authorNiels Dossche <7771979+nielsdos@users.noreply.github.com>
Wed, 2 Oct 2024 19:53:52 +0000 (21:53 +0200)
committerTomas Mraz <tomas@openssl.org>
Mon, 7 Oct 2024 15:56:24 +0000 (17:56 +0200)
commit09b96bf7b576699be92678152fff971a92cf54c0
tree115ee9520ca906a0ac6e24246167cebeea3030f1tree
parente3c6227a723ac6ff455a62ba3b13d96974456010commit | diff
Fix potential memory leak in PKCS7_signatureVerify()

Fixes #25594

The code jumps to an error block when EVP_VerifyUpdate fails.
This error block does not free abuf.
In the success path the abuf memory is freed.
Move the free operation to the error block.

CLA: trivial

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25596)

(cherry picked from commit d8b7a6eae9383fced785b9f4e2f24da0dc0a082d)
crypto/pkcs7/pk7_doit.c diff | blob | blame | history
Mirror of https://github.com/openssl/openssl.git