From: Joshua Rogers <MegaManSec@users.noreply.github.com>
Date: Fri, 10 Oct 2025 22:57:01 +0000 (+0800)
Subject: CMP client: fix three memory leaks in error handling of the polling mechanism added... 
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=c2e845914a4f999183ceb950e915c5525ccdf643;p=thirdparty%2Fopenssl.git

CMP client: fix three memory leaks in error handling of the polling mechanism added in 3.3

These are in poll_for_response(), OSSL_CMP_try_certreq(), and OSSL_CMP_exec_certreq().

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/28840)
---

diff --git a/crypto/cmp/cmp_client.c b/crypto/cmp/cmp_client.c
index 2001414241c..76e6771166c 100644
--- a/crypto/cmp/cmp_client.c
+++ b/crypto/cmp/cmp_client.c
@@ -369,7 +369,7 @@ static int poll_for_response(OSSL_CMP_CTX *ctx, int sleep, int rid,
         } else {
             ossl_cmp_info(ctx, "received final response after polling");
             if (!ossl_cmp_ctx_set1_first_senderNonce(ctx, NULL))
-                return 0;
+                goto err;
             break;
         }
     }
@@ -830,7 +830,7 @@ int OSSL_CMP_try_certreq(OSSL_CMP_CTX *ctx, int req_type,
             goto err;
 
         if (!save_senderNonce_if_waiting(ctx, rep, rid))
-            return 0;
+            goto err;
     } else {
         if (req_type < 0)
             return ossl_cmp_exchange_error(ctx, OSSL_CMP_PKISTATUS_rejection,
@@ -873,7 +873,7 @@ X509 *OSSL_CMP_exec_certreq(OSSL_CMP_CTX *ctx, int req_type,
         goto err;
 
     if (!save_senderNonce_if_waiting(ctx, rep, rid))
-        return 0;
+        goto err;
 
     if (cert_response(ctx, 1 /* sleep */, rid, &rep, NULL, req_type, rep_type)
         <= 0)