[Fix] Fix EVP_PKEY_CTX memory leak in DKIM RSA signing
authorVsevolod Stakhov <vsevolod@rspamd.com>
Wed, 28 Jan 2026 12:51:15 +0000 (12:51 +0000)
committerVsevolod Stakhov <vsevolod@rspamd.com>
Wed, 28 Jan 2026 12:51:15 +0000 (12:51 +0000)
The EVP_PKEY_CTX allocated in rspamd_dkim_sign() for RSA key signing
was never freed, causing continuous memory growth when using DKIM/ARC
signing with RSA keys.

Add EVP_PKEY_CTX_free() calls in all error paths and after successful
signing to properly release the OpenSSL context.

Fixes: #5865
src/libserver/dkim.c

index 18168045935e67f64ff30129ba5174eca54cbb02..2fc7cd6c4ed368bb0b442308ea97233031666d1c 100644 (file)
@@ -3885,6 +3885,7 @@ rspamd_dkim_sign(struct rspamd_task *task, const char *selector,
                        g_string_free(hdr, true);
                        msg_err_task("rsa sign error: %s",
                                                 ERR_error_string(ERR_get_error(), NULL));
+                       EVP_PKEY_CTX_free(pctx);
 
                        return NULL;
                }
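Review bot: The release of `pctx` is now repeated by hand in four separate error branches (this hunk and the three after it), each next to the same `g_string_free(hdr, true)` and `return NULL`, so the next check added to this RSA path can reintroduce the leak by omitting one line. Because the description says the leak grew memory continuously during DKIM/ARC signing, a single exit is the safer shape: let each branch do `goto rsa_sign_fail;` and keep `EVP_PKEY_CTX_free(pctx); g_string_free(hdr, true); return NULL;` once under that label. `EVP_PKEY_CTX_free()` does nothing when passed NULL, so the shared path also stays correct if the context allocation itself failed. The conditions guarding these branches and the allocation of `pctx` lie outside the hunks, so the label placement has to be checked against the full body of `rspamd_dkim_sign()`.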
@@ -3892,6 +3893,7 @@ rspamd_dkim_sign(struct rspamd_task *task, const char *selector,
                        g_string_free(hdr, true);
                        msg_err_task("rsa sign error: %s",
                                                 ERR_error_string(ERR_get_error(), NULL));
+                       EVP_PKEY_CTX_free(pctx);
 
                        return NULL;
                }
@@ -3899,6 +3901,7 @@ rspamd_dkim_sign(struct rspamd_task *task, const char *selector,
                        g_string_free(hdr, true);
                        msg_err_task("rsa sign error: %s",
                                                 ERR_error_string(ERR_get_error(), NULL));
+                       EVP_PKEY_CTX_free(pctx);
 
                        return NULL;
                }
@@ -3907,9 +3910,11 @@ rspamd_dkim_sign(struct rspamd_task *task, const char *selector,
                        g_string_free(hdr, true);
                        msg_err_task("rsa sign error: %s",
                                                 ERR_error_string(ERR_get_error(), NULL));
+                       EVP_PKEY_CTX_free(pctx);
 
                        return NULL;
                }
+               EVP_PKEY_CTX_free(pctx);
        }
 #ifdef HAVE_ED25519
        else if (ctx->key->type == RSPAMD_DKIM_KEY_EDDSA) {
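Review bot: The success-path `EVP_PKEY_CTX_free(pctx);` added just before the closing brace of the RSA branch has nothing tying it to the allocation, which is outside this hunk. A short ownership comment above it, for example `/* pctx is local to the RSA branch: released here on success and before every return NULL above */`, would state the lifetime rule for whoever edits this path next. The `RSPAMD_DKIM_KEY_EDDSA` branch begins on the last line of the hunk and its body is not visible, so it is worth confirming that it holds no per-call object needing the same release.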