root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Fix a mem leak in evp_pkey_copy_downgraded() 

If we get a failure during evp_pkey_copy_downgraded() and on entry *dest
was NULL then we leak the EVP_PKEY that was automatically allocated and
stored in *dest.

Found due to this comment:
https://github.com/openssl/openssl/pull/18355#issuecomment-1145028315

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18470)
This commit is contained in:
Matt Caswell 2022-06-03 14:01:22 +01:00
parent 4c149cf9f6
commit ae4d9573ac
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
crypto/evp/p_lib.c
View File

@ -1973,6 +1973,8 @@ void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx,
#ifndef FIPS_MODULE #ifndef FIPS_MODULE
int evp_pkey_copy_downgraded(EVP_PKEY **dest, const EVP_PKEY *src) int evp_pkey_copy_downgraded(EVP_PKEY **dest, const EVP_PKEY *src)
{ {
EVP_PKEY *allocpkey = NULL;
if (!ossl_assert(dest != NULL)) if (!ossl_assert(dest != NULL))
return 0; return 0;
@ -2003,7 +2005,7 @@ int evp_pkey_copy_downgraded(EVP_PKEY **dest, const EVP_PKEY *src)
/* Make sure we have a clean slate to copy into */ /* Make sure we have a clean slate to copy into */
if (*dest == NULL) { if (*dest == NULL) {
*dest = EVP_PKEY_new(); allocpkey = *dest = EVP_PKEY_new();
if (*dest == NULL) { if (*dest == NULL) {
ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
return 0; return 0;
@ -2052,6 +2054,10 @@ int evp_pkey_copy_downgraded(EVP_PKEY **dest, const EVP_PKEY *src)
} }
} }
if (allocpkey != NULL) {
EVP_PKEY_free(allocpkey);
*dest = NULL;
}
return 0; return 0;
} }