root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Fix potential memory leak in save_statusInfo() 

If sk_ASN1_UTF8STRING_push() fails then the duplicated string will leak
memory. Add a ASN1_UTF8STRING_free() to fix this.

CLA: trivial

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25604)

(cherry picked from commit 0a2a8d970f)
This commit is contained in:
Niels Dossche 2024-10-03 16:58:30 +02:00 committed by Tomas Mraz
parent fdec710f18
commit dcc5ae9716
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
crypto/cmp/cmp_client.c
View File

@ -106,9 +106,12 @@ static int save_statusInfo(OSSL_CMP_CTX *ctx, OSSL_CMP_PKISI *si)
ss = si->statusString; /* may be NULL */
for (i = 0; i < sk_ASN1_UTF8STRING_num(ss); i++) {
ASN1_UTF8STRING *str = sk_ASN1_UTF8STRING_value(ss, i);
ASN1_UTF8STRING *dup = ASN1_STRING_dup(str);
if (!sk_ASN1_UTF8STRING_push(ctx->statusString, ASN1_STRING_dup(str)))
if (dup == NULL || !sk_ASN1_UTF8STRING_push(ctx->statusString, dup)) {
ASN1_UTF8STRING_free(dup);
return 0;
}
}
return 1;
}