Fix memory leaks after failure of PKCS7_add_signed_attribute()

author widneve <wito.deneve@ugent.be>

Tue, 20 May 2025 14:23:09 +0000 (16:23 +0200)

committer Tomas Mraz <tomas@openssl.org>

Fri, 23 May 2025 15:37:30 +0000 (17:37 +0200)
author widneve <wito.deneve@ugent.be>
Tue, 20 May 2025 14:23:09 +0000 (16:23 +0200)
committer Tomas Mraz <tomas@openssl.org>
Fri, 23 May 2025 15:37:30 +0000 (17:37 +0200)
diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c

index 8937bb2d6671e6f0d4b83b6d209e7d86613dc8cc..7b323531c3fc11910fe5014e40677d9f2238caeb 100644 (file)
--- a/crypto/ts/ts_rsp_sign.c
+++ b/crypto/ts/ts_rsp_sign.c
@@ -645,8 +645,12 @@ static int ossl_ess_add1_signing_cert(PKCS7_SIGNER_INFO *si,
      }
  
      OPENSSL_free(pp);
-    return PKCS7_add_signed_attribute(si, NID_id_smime_aa_signingCertificate,
-                                      V_ASN1_SEQUENCE, seq);
+    if (!PKCS7_add_signed_attribute(si, NID_id_smime_aa_signingCertificate,
+                                    V_ASN1_SEQUENCE, seq)) {
+        ASN1_STRING_free(seq);
+        return 0;
+    }
+    return 1;
  }
  
  static int ossl_ess_add1_signing_cert_v2(PKCS7_SIGNER_INFO *si,
@@ -668,8 +672,12 @@ static int ossl_ess_add1_signing_cert_v2(PKCS7_SIGNER_INFO *si,
      }
  
      OPENSSL_free(pp);
-    return PKCS7_add_signed_attribute(si, NID_id_smime_aa_signingCertificateV2,
-                                      V_ASN1_SEQUENCE, seq);
+    if (!PKCS7_add_signed_attribute(si, NID_id_smime_aa_signingCertificateV2,
+                                    V_ASN1_SEQUENCE, seq)) {
+        ASN1_STRING_free(seq);
+        return 0;
+    }
+    return 1;
  }
  
  static int ts_RESP_sign(TS_RESP_CTX *ctx)
author	widneve <wito.deneve@ugent.be>
	Tue, 20 May 2025 14:23:09 +0000 (16:23 +0200)
committer	Tomas Mraz <tomas@openssl.org>
	Fri, 23 May 2025 15:37:30 +0000 (17:37 +0200)