From: Alexandr Nedvedicky <sashan@openssl.org>
Date: Thu, 14 Mar 2024 08:53:56 +0000 (+0100)
Subject: plug potential memory leak in error code path
X-Git-Tag: openssl-3.3.0-alpha1~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=707b54bee2abbfe94a80361ab97cf77e1e4746bb;p=thirdparty%2Fopenssl.git

plug potential memory leak in error code path

Function `module_add()` may leak stack of modules when
it fails to initialize newly added module.

Fixes #23835

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23836)
---

diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index e10c18a29fa..0b703826a75 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -372,6 +372,7 @@ static CONF_MODULE *module_add(DSO *dso, const char *name,
         OPENSSL_free(tmod->name);
         OPENSSL_free(tmod);
     }
+    sk_CONF_MODULE_free(new_modules);
     return NULL;
 }