From: slontis <shane.lontis@oracle.com>
Date: Mon, 27 Jun 2022 23:49:17 +0000 (+1000)
Subject: Fix memory leak in cmp_calc_protection()
X-Git-Tag: openssl-3.2.0-alpha1~2456
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=74c929d00dce3a4755164859c600aabb3838a87b;p=thirdparty%2Fopenssl.git

Fix memory leak in cmp_calc_protection()

Triggered by a  memory allocation failure.
Detected by PR #18355

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18670)
---

diff --git a/crypto/cmp/cmp_protect.c b/crypto/cmp/cmp_protect.c
index 93976a7eea5..937b713c232 100644
--- a/crypto/cmp/cmp_protect.c
+++ b/crypto/cmp/cmp_protect.c
@@ -91,7 +91,7 @@ ASN1_BIT_STRING *ossl_cmp_calc_protection(const OSSL_CMP_CTX *ctx,
             goto end;
 
         if ((prot = ASN1_BIT_STRING_new()) == NULL)
-            return NULL;
+            goto end;
         /* OpenSSL defaults all bit strings to be encoded as ASN.1 NamedBitList */
         prot->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
         prot->flags |= ASN1_STRING_FLAG_BITS_LEFT;