Fix memory leak in gnutls_pkcs7_import

author Zoltan Fridrich <zfridric@redhat.com>

Mon, 25 Jul 2022 14:07:54 +0000 (16:07 +0200)

committer Zoltan Fridrich <zfridric@redhat.com>

Tue, 26 Jul 2022 09:27:00 +0000 (11:27 +0200)
author Zoltan Fridrich <zfridric@redhat.com>
Mon, 25 Jul 2022 14:07:54 +0000 (16:07 +0200)
committer Zoltan Fridrich <zfridric@redhat.com>
Tue, 26 Jul 2022 09:27:00 +0000 (11:27 +0200)
diff --git a/lib/x509/pkcs7.c b/lib/x509/pkcs7.c

index 1f35fab8719464cfeb2c428150608a38060c4a23..3227bf3a254418cd8f2c88aeb12b9ef778f3c0e3 100644 (file)
--- a/lib/x509/pkcs7.c
+++ b/lib/x509/pkcs7.c
@@ -143,6 +143,8 @@ static int _decode_pkcs7_signed_data(gnutls_pkcs7_t pkcs7)
                 }
         }
  
+       if (pkcs7->signed_data)
+               asn1_delete_structure(&pkcs7->signed_data);
         pkcs7->signed_data = c2;
         gnutls_free(tmp.data);
  
@@ -229,7 +231,9 @@ void gnutls_pkcs7_deinit(gnutls_pkcs7_t pkcs7)
   *
   * This function will convert the given DER or PEM encoded PKCS7 to
   * the native #gnutls_pkcs7_t format.  The output will be stored in
- * @pkcs7.
+ * @pkcs7. Any signed data that may be present inside the @pkcs7
+ * structure, like certificates set by gnutls_pkcs7_set_crt(), will
+ * be freed and overwritten by this function.
   *
   * If the PKCS7 is PEM encoded it should have a header of "PKCS7".
   *
author	Zoltan Fridrich <zfridric@redhat.com>
	Mon, 25 Jul 2022 14:07:54 +0000 (16:07 +0200)
committer	Zoltan Fridrich <zfridric@redhat.com>
	Tue, 26 Jul 2022 09:27:00 +0000 (11:27 +0200)