Fix memory leak in get_str_from_file()

If BIO_gets encounters an empty file or read error, the function
returns NULL without freeing the dynamically allocated heap block (buf).

Safely clear and free the allocated buffer before returning NULL on
the error path. Since get_str_from_file() may handle cryptographic
keys, OPENSSL_clear_free() is used to prevent leaking sensitive data.

Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/30373)

diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index 8747c03028c135ec52ded8899b8d736603d0a224..6e8167b7e9156b425e8bab6aa1ff8016f4b33b49 100644 (file)
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -3824,6 +3824,7 @@ char *get_str_from_file(const char *filename)
     bio = NULL;
     if (n <= 0) {
         BIO_printf(bio_err, "Error reading from %s\n", filename);
+        OPENSSL_clear_free(buf, MAX_KEY_SIZE);
         return NULL;
     }
     tmp = strchr(buf, '\n');