From: Niels Dossche <niels.dossche@ugent.be>
Date: Wed, 20 Nov 2024 19:22:43 +0000 (+0100)
Subject: Fix potential memory leak on failure of dsa_gen_init()
X-Git-Tag: openssl-3.1.8~63
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0f73f3d9366325a09baeaecfdc22814695905962;p=thirdparty%2Fopenssl.git

Fix potential memory leak on failure of dsa_gen_init()

When dsa_gen_set_params()  returns 0, it could have duplicated the memory for the parameter
OSSL_PKEY_PARAM_FFC_DIGEST already in gctx->mdname, leading to a memory leak.

Allocated here: https://github.com/openssl/openssl/blob/47a80fd2034cd4314d3b4958539dcd3106087109/providers/implementations/keymgmt/dsa_kmgmt.c#L524
Can return 0 here: https://github.com/openssl/openssl/blob/47a80fd2034cd4314d3b4958539dcd3106087109/providers/implementations/keymgmt/dsa_kmgmt.c#L529-L536

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/26016)

(cherry picked from commit d7e8f6f7816f2be3ab5e498d180424940fd58695)
---

diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c
index 2f5742cfcc0..e3c3fd6916e 100644
--- a/providers/implementations/keymgmt/dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/dsa_kmgmt.c
@@ -426,7 +426,7 @@ static void *dsa_gen_init(void *provctx, int selection,
         gctx->hindex = 0;
     }
     if (!dsa_gen_set_params(gctx, params)) {
-        OPENSSL_free(gctx);
+        dsa_gen_cleanup(gctx);
         gctx = NULL;
     }
     return gctx;