root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Fix potential leak in error path in cert_response() 

get1_cert_status() returns an object that must be freed,
but the error path does not do that.
Fix it by adding a call to X509_free() in the error path.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26513)

(cherry picked from commit 56160f173d)
This commit is contained in:
Niels Dossche 2025-01-22 14:35:25 +01:00 committed by Tomas Mraz
parent f53432a013
commit 0bd7eb2099
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
crypto/cmp/cmp_client.c
View File

@ -736,8 +736,10 @@ static int cert_response(OSSL_CMP_CTX *ctx, int sleep, int rid,
ERR_add_error_data(1, "; cannot extract certificate from response");
return 0;
}
if (!ossl_cmp_ctx_set0_newCert(ctx, cert))
if (!ossl_cmp_ctx_set0_newCert(ctx, cert)) {
X509_free(cert);
return 0;
}
/*
* if the CMP server returned certificates in the caPubs field, copy them