[openssl] master update
Richard Levitte
levitte at openssl.org
Tue Feb 11 12:11:51 UTC 2020
The branch master has been updated
via a076951b71a1837e68eaf6bfd92e6a4d40b0940a (commit)
from 29f178bddfdbd11218fbcba0b8060297696968e3 (commit)
- Log -----------------------------------------------------------------
commit a076951b71a1837e68eaf6bfd92e6a4d40b0940a
Author: Richard Levitte <levitte at openssl.org>
Date: Fri Feb 7 09:13:21 2020 +0100
X509_PUBKEY_set(): Fix memory leak
With the provided method of creating the new X509_PUBKEY, an extra
EVP_PKEY is created and needs to be properly cleaned away.
(note: we could choose to keep it just as well, but there are
consequences, explained in a comment in the code)
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11038)
-----------------------------------------------------------------------
Summary of changes:
crypto/x509/x_pubkey.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c
index 42b94d9198..a583813b58 100644
--- a/crypto/x509/x_pubkey.c
+++ b/crypto/x509/x_pubkey.c
@@ -111,6 +111,22 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
goto error;
}
*x = pk;
+
+ /*
+ * pk->pkey is NULL when using the legacy routine, but is non-NULL when
+ * going through the serializer, and for all intents and purposes, it's
+ * a perfect copy of |pkey|, just not the same instance. In that case,
+ * we could simply return early, right here.
+ * However, in the interest of being cautious leaning on paranoia, some
+ * application might very well depend on the passed |pkey| being used
+ * and none other, so we spend a few more cycles throwing away the newly
+ * created |pk->pkey| and replace it with |pkey|.
+ * TODO(3.0) Investigate if it's safe to change to simply return here
+ * if |pk->pkey != NULL|.
+ */
+ if (pk->pkey != NULL)
+ EVP_PKEY_free(pk->pkey);
+
pk->pkey = pkey;
return 1;
More information about the openssl-commits
mailing list