]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ed3d277)
Fix a possible memleak in CMS_sign_receipt
authorBernd Edlinger <bernd.edlinger@hotmail.de>
Fri, 17 Nov 2023 06:12:42 +0000 (07:12 +0100)
committerRichard Levitte <levitte@openssl.org>
Wed, 22 Nov 2023 08:31:03 +0000 (09:31 +0100)
When an error happens after cms_encode_Receipt
the ASN1_OCTET_STRING object "os" may be leaked.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22758)

crypto/cms/cms_smime.c patch | blob | blame | history

diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c
index 65f9674037761729e232d3e83f4864533b033863..99a72f4dffe3cf492f7b6885c9e690f3117cd1b4 100644 (file)
--- a/crypto/cms/cms_smime.c
+++ b/crypto/cms/cms_smime.c
@@ -560,7 +560,7 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
 {
     CMS_SignerInfo *rct_si;
     CMS_ContentInfo *cms = NULL;
-    ASN1_OCTET_STRING **pos, *os;
+    ASN1_OCTET_STRING **pos, *os = NULL;
     BIO *rct_cont = NULL;
     int r = 0;
     const CMS_CTX *ctx = si->cms_ctx;
@@ -622,6 +622,7 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
     if (r)
         return cms;
     CMS_ContentInfo_free(cms);
+    ASN1_OCTET_STRING_free(os);
     return NULL;
 
 }
Mirror of https://github.com/openssl/openssl.git