crypto/cms/cms_enc.c: Add ASN1_TYPE_free before goto err

CLA: trivial

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28214)

diff --git a/crypto/cms/cms_enc.c b/crypto/cms/cms_enc.c
index 6cbfcb0426327b80aca1114ff0f9e01bb47389c1..c68ee4627809c43e83479f6e5ce2026562d66d40 100644 (file)
--- a/crypto/cms/cms_enc.c
+++ b/crypto/cms/cms_enc.c
@@ -177,12 +177,17 @@ BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
             memcpy(aparams.iv, piv, ivlen);
             aparams.iv_len = ivlen;
             aparams.tag_len = EVP_CIPHER_CTX_get_tag_length(ctx);
-            if (aparams.tag_len <= 0)
+            if (aparams.tag_len <= 0) {
+                ASN1_TYPE_free(calg->parameter);
+                calg->parameter = NULL;
                 goto err;
+            }
         }
 
         if (evp_cipher_param_to_asn1_ex(ctx, calg->parameter, &aparams) <= 0) {
             ERR_raise(ERR_LIB_CMS, CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+            ASN1_TYPE_free(calg->parameter);
+            calg->parameter = NULL;
             goto err;
         }
         /* If parameter type not set omit parameter */
@@ -260,6 +265,7 @@ int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
 BIO *ossl_cms_EncryptedData_init_bio(const CMS_ContentInfo *cms)
 {
     CMS_EncryptedData *enc = cms->d.encryptedData;
+
     if (enc->encryptedContentInfo->cipher && enc->unprotectedAttrs)
         enc->version = 2;
     return ossl_cms_EncryptedContent_init_bio(enc->encryptedContentInfo,