]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7e3f7f1)
Fix potential memory leak in OSSL_HPKE_CTX_new()
authorNiels Dossche <niels.dossche@ugent.be>
Sun, 27 Oct 2024 20:48:17 +0000 (21:48 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 30 Oct 2024 11:58:16 +0000 (11:58 +0000)
ctx->propq is a duplicated string, but the error code does not free
the duplicated string's memory. If e.g. EVP_CIPHER_fetch() fails then
we can leak the string's memory.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25812)

crypto/hpke/hpke.c patch | blob | blame | history

diff --git a/crypto/hpke/hpke.c b/crypto/hpke/hpke.c
index 5a403097c4169f90f280ff4f863fb5e715afd2c3..8dca5584cbc782a7fe5bd5ff1daa174efcd44d54 100644 (file)
--- a/crypto/hpke/hpke.c
+++ b/crypto/hpke/hpke.c
@@ -841,6 +841,7 @@ OSSL_HPKE_CTX *OSSL_HPKE_CTX_new(int mode, OSSL_HPKE_SUITE suite, int role,
 
  err:
     EVP_CIPHER_free(ctx->aead_ciph);
+    OPENSSL_free(ctx->propq);
     OPENSSL_free(ctx);
     return NULL;
 }
Mirror of https://github.com/openssl/openssl.git