git.ipfire.org Git - thirdparty/openssl.git/commit

]> git.ipfire.org Git - thirdparty/openssl.git/commit

projects / thirdparty / openssl.git / commit

author	Niels Dossche <7771979+nielsdos@users.noreply.github.com>
	Wed, 2 Oct 2024 19:53:52 +0000 (21:53 +0200)
committer	Tomas Mraz <tomas@openssl.org>
	Mon, 7 Oct 2024 15:55:13 +0000 (17:55 +0200)
commit	d8b7a6eae9383fced785b9f4e2f24da0dc0a082d
tree	0eab9f3e8abaabadf0a0ae39386c56fa73664ef7	tree
parent	80a31435e5a0cf1ccd2d7369f6c43319bce5b9a5	commit \| diff

Fix potential memory leak in PKCS7_signatureVerify()

Fixes #25594

The code jumps to an error block when EVP_VerifyUpdate fails.
This error block does not free abuf.
In the success path the abuf memory is freed.
Move the free operation to the error block.

CLA: trivial

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25596)

crypto/pkcs7/pk7_doit.c

diff | blob | blame | history

Mirror of https://github.com/openssl/openssl.git

RSS Atom