From: Lidong Yan <502024330056@smail.nju.edu.cn> Date: Fri, 31 Oct 2025 06:40:06 +0000 (+0800) Subject: slh_dsa: fix leak in early return of slh_sign_internal() X-Git-Tag: 4.0-PRE-CLANG-FORMAT-WEBKIT~214 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=066bfdc946e9d89b6b966587d02619b8329fdeee;p=thirdparty%2Fopenssl.git slh_dsa: fix leak in early return of slh_sign_internal() In slh_sign_internal(), if calling PACKET_buf_init() failed, this function return without free wpkt. Replace `return 0` with `goto err` to free wpkt before return. CLA: trivial Signed-off-by: Lidong Yan <502024330056@smail.nju.edu.cn> Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/29041) --- diff --git a/crypto/slh_dsa/slh_dsa.c b/crypto/slh_dsa/slh_dsa.c index 7ee465447dd..6c7b913d2fc 100644 --- a/crypto/slh_dsa/slh_dsa.c +++ b/crypto/slh_dsa/slh_dsa.c @@ -83,7 +83,7 @@ static int slh_sign_internal(SLH_DSA_HASH_CTX *hctx, if (!WPACKET_init_static_len(wpkt, sig, sig_len_expected, 0)) return 0; if (!PACKET_buf_init(rpkt, m_digest, params->m)) - return 0; + goto err; pk_seed = SLH_DSA_PK_SEED(priv); sk_seed = SLH_DSA_SK_SEED(priv);