From: slontis Date: Fri, 24 Jun 2022 04:01:07 +0000 (+1000) Subject: Fix memory leak in ossl_rsa_fromdata. X-Git-Tag: openssl-3.2.0-alpha1~2472 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=28adea95975c3ea53fc590efda35dee13efd4767;p=thirdparty%2Fopenssl.git Fix memory leak in ossl_rsa_fromdata. Occurs if a malloc failure happens inside collect_numbers() Reported via #18365 Reviewed-by: Matt Caswell Reviewed-by: Bernd Edlinger Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18646) --- diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c index b69c94fc112..bc658d9d30d 100644 --- a/crypto/rsa/rsa_backend.c +++ b/crypto/rsa/rsa_backend.c @@ -49,9 +49,12 @@ static int collect_numbers(STACK_OF(BIGNUM) *numbers, if (p != NULL) { BIGNUM *tmp = NULL; - if (!OSSL_PARAM_get_BN(p, &tmp) - || sk_BIGNUM_push(numbers, tmp) == 0) + if (!OSSL_PARAM_get_BN(p, &tmp)) return 0; + if (sk_BIGNUM_push(numbers, tmp) == 0) { + BN_clear_free(tmp); + return 0; + } } }