public/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix memleak in rsa_cms_sign error path

Browse source 
If the call to X509_ALGOR_set0 fails then the allocated ASN1_STRING
variable passed as parameter leaks.  Fix by explicitly freeing like
how all other codepaths with X509_ALGOR_set0 do.

Fixes #22680

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24868)

(cherry picked from commit 5efc57caf2)
This commit is contained in:
Daniel Gustafsson 2024-07-12 20:49:16 +02:00 committed by Tomas Mraz
parent 40c8ebe5d2
commit 961d7efb02
1 changed files with 4 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

5
crypto/cms/cms_rsa.c
View file

@ -222,7 +222,10 @@ static int rsa_cms_sign(CMS_SignerInfo *si)
os = ossl_rsa_ctx_to_pss_string(pkctx);
if (os == NULL)
return 0;
return X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_PKEY_RSA_PSS), V_ASN1_SEQUENCE, os);
if (X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_PKEY_RSA_PSS), V_ASN1_SEQUENCE, os))
return 1;
ASN1_STRING_free(os);
return 0;
}
params[0] = OSSL_PARAM_construct_octet_string(