From: jwalch <jeremy.walch@gmail.com>
Date: Thu, 29 Oct 2020 14:52:52 +0000 (-0400)
Subject: Patch leak in EVP_PKEY2PKCS8() error path
X-Git-Tag: openssl-3.0.0-alpha8~17
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=908cf7cefbb2a4c2a8ea1dd4798d1e689db6e3ed;p=thirdparty%2Fopenssl.git

Patch leak in EVP_PKEY2PKCS8() error path

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13278)
---

diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c
index 9e7c9786563..b5a8f1cd720 100644
--- a/crypto/evp/evp_pkey.c
+++ b/crypto/evp/evp_pkey.c
@@ -78,7 +78,7 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey)
     /* Force a key downgrade if that's possible */
     /* TODO(3.0) Is there a better way for provider-native keys? */
     if (EVP_PKEY_get0(pkey) == NULL)
-        return NULL;
+        goto error;
 
     if (pkey->ameth) {
         if (pkey->ameth->priv_encode) {