From: Shane Lontis <shane.lontis@oracle.com>
Date: Wed, 28 Apr 2021 07:22:50 +0000 (+1000)
Subject: Fix memory leak in load_key_certs_crls() when using stdin.
X-Git-Tag: openssl-3.0.0-alpha16~75
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=857c223bf73f6d3ec91567cf341c5267392a3e66;p=thirdparty%2Fopenssl.git

Fix memory leak in load_key_certs_crls() when using stdin.

A newly created BIO object within this function calls
OSSL_STORE_attach() which increases the ref count to 2.
OSSL_STORE_close() then decrements the ref count by 1, so the BIO still
remains.

The following new test was picking up this leak using..
> valgrind openssl crl -hash -noout < test/testcrl.pem

Not quite sure why the existing tests were not picking this up
since they appear to run through a similiar path.. such as
> valgrind openssl pkey < test-runs/test_rsa/rsa-pkcs8-ff.dd

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15058)
---

diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index 1ca6f6e0961..d715e25ff10 100644
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -924,9 +924,11 @@ int load_key_certs_crls(const char *uri, int maybe_stdin,
         uri = "<stdin>";
         unbuffer(stdin);
         bio = BIO_new_fp(stdin, 0);
-        if (bio != NULL)
+        if (bio != NULL) {
             ctx = OSSL_STORE_attach(bio, "file", libctx, propq,
                                     get_ui_method(), &uidata, NULL, NULL);
+            BIO_free(bio);
+        }
     } else {
         ctx = OSSL_STORE_open_ex(uri, libctx, propq, get_ui_method(), &uidata,
                                  NULL, NULL);