From: JiashengJiang <jiasheng@purdue.edu>
Date: Fri, 16 May 2025 22:34:03 +0000 (-0400)
Subject: apps/cmp.c: Free bio on error to avoid memory leak
X-Git-Tag: openssl-3.4.2~53
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=612f2b0fa4e7dc4105be6be106ad85a8f13de6da;p=thirdparty%2Fopenssl.git

apps/cmp.c: Free bio on error to avoid memory leak

Call BIO_free() to release bio if ASN1_i2d_bio_of() fails, preventing a memory leak.

Fixes: 6a3579e190 ("CMP: add support for requesting cert template using genm/genp")
Signed-off-by: JiashengJiang <jiasheng@purdue.edu>

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27647)

(cherry picked from commit e0ae801728776b53e2be0972846072ce32bea304)
---

diff --git a/apps/cmp.c b/apps/cmp.c
index 5d1ca78c832..16c448ad2a4 100644
--- a/apps/cmp.c
+++ b/apps/cmp.c
@@ -2452,6 +2452,7 @@ static int save_template(const char *file, const OSSL_CRMF_CERTTEMPLATE *tmpl)
                          bio, tmpl)) {
         CMP_err1("error saving certTemplate from genp: cannot write file %s",
                  file);
+        BIO_free(bio);
         return 0;
     } else {
         CMP_info1("stored certTemplate from genp to file '%s'", file);
@@ -2471,6 +2472,7 @@ static int save_keyspec(const char *file, const OSSL_CMP_ATAVS *keyspec)
 
     if (!ASN1_i2d_bio_of(OSSL_CMP_ATAVS, i2d_OSSL_CMP_ATAVS, bio, keyspec)) {
         CMP_err1("error saving keySpec from genp: cannot write file %s", file);
+        BIO_free(bio);
         return 0;
     } else {
         CMP_info1("stored keySpec from genp to file '%s'", file);