From 35b97122ea59fdaa56105482caf12f3ca594a2f4 Mon Sep 17 00:00:00 2001 From: Frederik Wedel-Heinen Date: Sat, 21 Dec 2024 15:32:32 +0100 Subject: [PATCH] Fixes some memory leaks when errors occur in ossl_cmp_rp_new(). Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/26235) --- crypto/cmp/cmp_msg.c | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c index f57597b817f..a0b3fb0aea0 100644 --- a/crypto/cmp/cmp_msg.c +++ b/crypto/cmp/cmp_msg.c @@ -593,23 +593,20 @@ OSSL_CMP_MSG *ossl_cmp_rp_new(OSSL_CMP_CTX *ctx, const OSSL_CMP_PKISI *si, goto err; rep = msg->body->value.rp; - if ((si1 = OSSL_CMP_PKISI_dup(si)) == NULL) + if ((si1 = OSSL_CMP_PKISI_dup(si)) == NULL + || !sk_OSSL_CMP_PKISI_push(rep->status, si1)) goto err; - if (!sk_OSSL_CMP_PKISI_push(rep->status, si1)) { - OSSL_CMP_PKISI_free(si1); - goto err; - } + si1 = NULL; /* ownership transferred to rep->status */ if ((rep->revCerts = sk_OSSL_CRMF_CERTID_new_null()) == NULL) goto err; if (cid != NULL) { - if ((cid_copy = OSSL_CRMF_CERTID_dup(cid)) == NULL) - goto err; - if (!sk_OSSL_CRMF_CERTID_push(rep->revCerts, cid_copy)) { - OSSL_CRMF_CERTID_free(cid_copy); + if ((cid_copy = OSSL_CRMF_CERTID_dup(cid)) == NULL + || !sk_OSSL_CRMF_CERTID_push(rep->revCerts, cid_copy)) goto err; - } + + cid_copy = NULL; /* ownership transferred to rep->revCerts */ } if (!unprotectedErrors @@ -621,6 +618,8 @@ OSSL_CMP_MSG *ossl_cmp_rp_new(OSSL_CMP_CTX *ctx, const OSSL_CMP_PKISI *si, err: ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_CREATING_RP); + OSSL_CMP_PKISI_free(si1); + OSSL_CRMF_CERTID_free(cid_copy); OSSL_CMP_MSG_free(msg); return NULL; } -- 2.47.2