diff options
| author | Roberto Hueso Gomez <roberto@robertohueso.org> | 2022-07-15 11:21:30 +0200 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2022-07-18 10:19:11 +0200 |
| commit | af801ec89205aaf6ebf8522d510d0b1fc29e3233 (patch) | |
| tree | fcff2303d94fa108f0d4dd529c9ee168352683e0 /crypto/pkcs12 | |
| parent | Remove duplicated BIO_get_ktls_send calls in do_ssl3_write (diff) | |
| download | openssl-af801ec89205aaf6ebf8522d510d0b1fc29e3233.tar.xz openssl-af801ec89205aaf6ebf8522d510d0b1fc29e3233.zip | |
Fix memleak in PKCS12_pbe_crypt_ex()
Makes sure that the variable 'out' is free on every error path.
Fixes #18689
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18808)
Diffstat (limited to 'crypto/pkcs12')
| -rw-r--r-- | crypto/pkcs12/p12_decr.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/crypto/pkcs12/p12_decr.c b/crypto/pkcs12/p12_decr.c index 87232e7737..c4c63a2701 100644 --- a/crypto/pkcs12/p12_decr.c +++ b/crypto/pkcs12/p12_decr.c @@ -94,6 +94,8 @@ unsigned char *PKCS12_pbe_crypt_ex(const X509_ALGOR *algor, if (EVP_CIPHER_CTX_is_encrypting(ctx)) { if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, (int)mac_len, out+outlen) < 0) { + OPENSSL_free(out); + out = NULL; ERR_raise(ERR_LIB_PKCS12, ERR_R_INTERNAL_ERROR); goto err; } |