From c2e845914a4f999183ceb950e915c5525ccdf643 Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Sat, 11 Oct 2025 06:57:01 +0800 Subject: [PATCH] CMP client: fix three memory leaks in error handling of the polling mechanism added in 3.3 These are in poll_for_response(), OSSL_CMP_try_certreq(), and OSSL_CMP_exec_certreq(). Reviewed-by: Matt Caswell Reviewed-by: David von Oheimb (Merged from https://github.com/openssl/openssl/pull/28840) --- crypto/cmp/cmp_client.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto/cmp/cmp_client.c b/crypto/cmp/cmp_client.c index 2001414241c..76e6771166c 100644 --- a/crypto/cmp/cmp_client.c +++ b/crypto/cmp/cmp_client.c @@ -369,7 +369,7 @@ static int poll_for_response(OSSL_CMP_CTX *ctx, int sleep, int rid, } else { ossl_cmp_info(ctx, "received final response after polling"); if (!ossl_cmp_ctx_set1_first_senderNonce(ctx, NULL)) - return 0; + goto err; break; } } @@ -830,7 +830,7 @@ int OSSL_CMP_try_certreq(OSSL_CMP_CTX *ctx, int req_type, goto err; if (!save_senderNonce_if_waiting(ctx, rep, rid)) - return 0; + goto err; } else { if (req_type < 0) return ossl_cmp_exchange_error(ctx, OSSL_CMP_PKISTATUS_rejection, @@ -873,7 +873,7 @@ X509 *OSSL_CMP_exec_certreq(OSSL_CMP_CTX *ctx, int req_type, goto err; if (!save_senderNonce_if_waiting(ctx, rep, rid)) - return 0; + goto err; if (cert_response(ctx, 1 /* sleep */, rid, &rep, NULL, req_type, rep_type) <= 0) -- 2.47.3