From: Pauli <paul.dale@oracle.com>
Date: Sun, 13 Sep 2020 21:40:58 +0000 (+1000)
Subject: PKCS#8: free data on error path in newpass_bag
X-Git-Tag: openssl-3.0.0-alpha7~238
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e2d66c0d007ad8bcf80890dadf681135d24d86cd;p=thirdparty%2Fopenssl.git

PKCS#8: free data on error path in newpass_bag

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/12870)
---

diff --git a/crypto/pkcs12/p12_npas.c b/crypto/pkcs12/p12_npas.c
index ee35c45abb4..7f04ce10de3 100644
--- a/crypto/pkcs12/p12_npas.c
+++ b/crypto/pkcs12/p12_npas.c
@@ -157,8 +157,10 @@ static int newpass_bag(PKCS12_SAFEBAG *bag, const char *oldpass,
     if ((p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1)) == NULL)
         return 0;
     X509_SIG_get0(bag->value.shkeybag, &shalg, NULL);
-    if (!alg_get(shalg, &p8_nid, &p8_iter, &p8_saltlen))
+    if (!alg_get(shalg, &p8_nid, &p8_iter, &p8_saltlen)) {
+        PKCS8_PRIV_KEY_INFO_free(p8);
         return 0;
+    }
     p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen,
                           p8_iter, p8);
     PKCS8_PRIV_KEY_INFO_free(p8);