From d4da0b57304ccd82a131d197dfa164c2ac89a0f2 Mon Sep 17 00:00:00 2001
From: slontis <shane.lontis@oracle.com>
Date: Fri, 17 Feb 2023 09:51:59 +1000
Subject: [PATCH] Fix memleak in rsa_cms_decrypt

If a call to EVP_PKEY_CTX_set_rsa_mgf1_md() fails then the caller
needs to free the label.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20319)

(cherry picked from commit d32dd65053431ee744d213b336b9a03a035807e6)
---
 crypto/cms/cms_rsa.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/cms/cms_rsa.c b/crypto/cms/cms_rsa.c
index 68545e5fb7e..12bc8184389 100644
--- a/crypto/cms/cms_rsa.c
+++ b/crypto/cms/cms_rsa.c
@@ -99,8 +99,10 @@ static int rsa_cms_decrypt(CMS_RecipientInfo *ri)
     if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0)
         goto err;
     if (label != NULL
-            && EVP_PKEY_CTX_set0_rsa_oaep_label(pkctx, label, labellen) <= 0)
+            && EVP_PKEY_CTX_set0_rsa_oaep_label(pkctx, label, labellen) <= 0) {
+        OPENSSL_free(label);
         goto err;
+    }
     /* Carry on */
     rv = 1;
 
-- 
2.47.2