From 42fe40b1c3b369243ecebc43fe52f9cb0a3cfd69 Mon Sep 17 00:00:00 2001 From: Frederik Wedel-Heinen Date: Fri, 20 Dec 2024 15:45:53 +0100 Subject: [PATCH] Free data if sk_OPENSSL_STRING_push fails. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Fixes #26203 Reviewed-by: Paul Dale Reviewed-by: Saša Nedvědický Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/26227) (cherry picked from commit 2457fc4816551a7e982117a4032fd1c259c493a7) --- crypto/x509/by_store.c | 6 +++++- test/evp_test.c | 8 +++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/crypto/x509/by_store.c b/crypto/x509/by_store.c index 9ba5b31a441..1474474a2d1 100644 --- a/crypto/x509/by_store.c +++ b/crypto/x509/by_store.c @@ -122,7 +122,11 @@ static int by_store_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argp, uris = sk_OPENSSL_STRING_new_null(); X509_LOOKUP_set_method_data(ctx, uris); } - return sk_OPENSSL_STRING_push(uris, data) > 0; + if (sk_OPENSSL_STRING_push(uris, data) <= 0) { + OPENSSL_free(data); + return 0; + } + return 1; } /* NOP if no URI is given. */ return 1; diff --git a/test/evp_test.c b/test/evp_test.c index 30a5c854684..4ca11f58290 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -202,7 +202,13 @@ static int ctrladd(STACK_OF(OPENSSL_STRING) *controls, const char *value) if (data == NULL) return -1; - return sk_OPENSSL_STRING_push(controls, data) > 0; + + if (sk_OPENSSL_STRING_push(controls, data) <= 0) { + OPENSSL_free(data); + return -1; + } + + return 1; } /* Because OPENSSL_free is a macro, it can't be passed as a function pointer */ -- 2.47.2