Fix memory leaks from missing checks of return value from sk_OPENSSL_STRING_push()

Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/26238)
author: Frederik Wedel-Heinen <frederik.wedel-heinen@dencrypt.dk> 2024-12-21 21:15:36 +0100
committer: Tomas Mraz <tomas@openssl.org> 2025-01-09 15:23:39 +0100
commit: d48874ab477be0fa3df11bfcc38c043b8f7ab8e2 (patch)
tree: 26c019d7c0c7a7129c7f5b7bd76765cbef41452e /apps/smime.c
parent: Fix the use of OPENSSL_HTTP_PROXY / OPENSSL_HTTPS_PROXY (diff)
download: openssl-d48874ab477be0fa3df11bfcc38c043b8f7ab8e2.tar.xz
openssl-d48874ab477be0fa3df11bfcc38c043b8f7ab8e2.zip
1 files changed, 12 insertions, 6 deletions
diff --git a/apps/smime.c b/apps/smime.c
index 132caba2ef..93ec1161e2 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -315,13 +315,15 @@ int smime_main(int argc, char **argv)
                 if (sksigners == NULL
                     && (sksigners = sk_OPENSSL_STRING_new_null()) == NULL)
                     goto end;
-                sk_OPENSSL_STRING_push(sksigners, signerfile);
+                if (sk_OPENSSL_STRING_push(sksigners, signerfile) <= 0)
+                    goto end;
                 if (keyfile == NULL)
                     keyfile = signerfile;
                 if (skkeys == NULL
                     && (skkeys = sk_OPENSSL_STRING_new_null()) == NULL)
                     goto end;
-                sk_OPENSSL_STRING_push(skkeys, keyfile);
+                if (sk_OPENSSL_STRING_push(skkeys, keyfile) <= 0)
+                    goto end;
                 keyfile = NULL;
             }
             signerfile = opt_arg();
@@ -346,12 +348,14 @@ int smime_main(int argc, char **argv)
                 if (sksigners == NULL
                     && (sksigners = sk_OPENSSL_STRING_new_null()) == NULL)
                     goto end;
-                sk_OPENSSL_STRING_push(sksigners, signerfile);
+                if (sk_OPENSSL_STRING_push(sksigners, signerfile) <= 0)
+                    goto end;
                 signerfile = NULL;
                 if (skkeys == NULL
                     && (skkeys = sk_OPENSSL_STRING_new_null()) == NULL)
                     goto end;
-                sk_OPENSSL_STRING_push(skkeys, keyfile);
+                if (sk_OPENSSL_STRING_push(skkeys, keyfile) <= 0)
+                    goto end;
             }
             keyfile = opt_arg();
             break;
@@ -424,12 +428,14 @@ int smime_main(int argc, char **argv)
             if (sksigners == NULL
                 && (sksigners = sk_OPENSSL_STRING_new_null()) == NULL)
                 goto end;
-            sk_OPENSSL_STRING_push(sksigners, signerfile);
+            if (sk_OPENSSL_STRING_push(sksigners, signerfile) <= 0)
+                goto end;
             if (!skkeys && (skkeys = sk_OPENSSL_STRING_new_null()) == NULL)
                 goto end;
             if (!keyfile)
                 keyfile = signerfile;
-            sk_OPENSSL_STRING_push(skkeys, keyfile);
+            if (sk_OPENSSL_STRING_push(skkeys, keyfile) <= 0)
+                goto end;
         }
         if (sksigners == NULL) {
             BIO_printf(bio_err, "No signer certificate specified\n");
author	Frederik Wedel-Heinen <frederik.wedel-heinen@dencrypt.dk>	2024-12-21 21:15:36 +0100
committer	Tomas Mraz <tomas@openssl.org>	2025-01-09 15:23:39 +0100
commit	d48874ab477be0fa3df11bfcc38c043b8f7ab8e2 (patch)
tree	26c019d7c0c7a7129c7f5b7bd76765cbef41452e /apps/smime.c
parent	Fix the use of OPENSSL_HTTP_PROXY / OPENSSL_HTTPS_PROXY (diff)
download	openssl-d48874ab477be0fa3df11bfcc38c043b8f7ab8e2.tar.xz openssl-d48874ab477be0fa3df11bfcc38c043b8f7ab8e2.zip