From: openssl-machine <openssl-machine@openssl.org>
Date: Mon, 23 Mar 2026 08:09:03 +0000 (+0100)
Subject: CMS_verify(): Fix leak of tmpin in an error path
X-Git-Tag: openssl-4.0.0~92
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8e7c79efbd03eaa8f3f4e686ad66deb2631e9d68;p=thirdparty%2Fopenssl.git

CMS_verify(): Fix leak of tmpin in an error path

Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
MergeDate: Fri Mar 27 16:43:44 2026
(Merged from https://github.com/openssl/openssl/pull/30535)

(cherry picked from commit 2036e997430f4bee75d3a60301f7ecc8c2e66198)
---

diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c
index 6ddcec61573..659c033482b 100644
--- a/crypto/cms/cms_smime.c
+++ b/crypto/cms/cms_smime.c
@@ -474,8 +474,10 @@ err:
     } else {
         if (dcont && (tmpin == dcont))
             do_free_upto(cmsbio, dcont);
-        else
+        else if (cmsbio != NULL)
             BIO_free_all(cmsbio);
+        else
+            BIO_free(tmpin);
     }
 
     if (out != tmpout)