From: Niels Dossche Date: Mon, 28 Oct 2024 16:04:03 +0000 (+0100) Subject: Fix potential memory leak in PKCS12_add_key_ex() X-Git-Tag: openssl-3.0.16~31 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0f4dfff7840950f15f2339609ca180072a4ebe32;p=thirdparty%2Fopenssl.git Fix potential memory leak in PKCS12_add_key_ex() p8 is allocated using EVP_PKEY2PKCS8(), but when PKCS8_add_keyusage() fails this memory is not freed. Fix this by adding a call to PKCS8_PRIV_KEY_INFO_free(). Reviewed-by: Frederik Wedel-Heinen Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/25818) (cherry picked from commit f822a4866894ed8a752ad93c228fb76a8bb206e8) --- diff --git a/crypto/pkcs12/p12_crt.c b/crypto/pkcs12/p12_crt.c index 1a48e5c611d..8354b7c2ea1 100644 --- a/crypto/pkcs12/p12_crt.c +++ b/crypto/pkcs12/p12_crt.c @@ -210,8 +210,10 @@ PKCS12_SAFEBAG *PKCS12_add_key_ex(STACK_OF(PKCS12_SAFEBAG) **pbags, /* Make a PKCS#8 structure */ if ((p8 = EVP_PKEY2PKCS8(key)) == NULL) goto err; - if (key_usage && !PKCS8_add_keyusage(p8, key_usage)) + if (key_usage && !PKCS8_add_keyusage(p8, key_usage)) { + PKCS8_PRIV_KEY_INFO_free(p8); goto err; + } if (nid_key != -1) { /* This call does not take ownership of p8 */ bag = PKCS12_SAFEBAG_create_pkcs8_encrypt_ex(nid_key, pass, -1, NULL, 0,
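Review bot: the added PKCS8_PRIV_KEY_INFO_free(p8) in the key_usage failure branch covers only this one exit, so p8 cleanup stays a per-call-site duty instead of living under the err label. The hunk shows neither the err label nor the declaration of p8, so it cannot be confirmed from here that every later goto err taken while p8 is still live releases it. The context comment "This call does not take ownership of p8" implies ownership depends on which branch runs. Consider a short comment at this free stating that p8 is still owned by this function here. Alternatively, initialise p8 to NULL, set it back to NULL wherever ownership is handed off, and free it once under err, so that a future failure path added between EVP_PKEY2PKCS8() and the bag creation cannot reintroduce the leak.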