[openssl/openssl] 9ec9b9: Fix a decoder mem leak on an error path

matt noreply at reply.github.openssl.org
Thu Jun 2 09:37:22 UTC 2022 

  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 9ec9b968f93e4a8e7c90eb1e717f0d7cd4ab722d
      https://github.openssl.org/openssl/openssl/commit/9ec9b968f93e4a8e7c90eb1e717f0d7cd4ab722d
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-06-02 (Thu, 02 Jun 2022)

  Changed paths:
    M crypto/encode_decode/decoder_lib.c

  Log Message:
  -----------
  Fix a decoder mem leak on an error path

If an error condition occurs then the the decoder that was up-refed in
ossl_decoder_instance_new can be leaked.

Found due to the error report here:
https://github.com/openssl/openssl/pull/18355#issuecomment-1138205688

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/18410)


  Commit: da3193976380b8bd697a472025ff9f384cbca7af
      https://github.openssl.org/openssl/openssl/commit/da3193976380b8bd697a472025ff9f384cbca7af
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-06-02 (Thu, 02 Jun 2022)

  Changed paths:
    M crypto/encode_decode/decoder_lib.c

  Log Message:
  -----------
  Fix another decoder mem leak on an error path

If pushing the decoder onto a stack fails then we should free the ref
we just created.

Found due to the error report here:
https://github.com/openssl/openssl/pull/18355#issuecomment-1138205688

Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18411)


  Commit: b4be10dfcd370960cecfda9773e1bfcc568a7390
      https://github.openssl.org/openssl/openssl/commit/b4be10dfcd370960cecfda9773e1bfcc568a7390
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-06-02 (Thu, 02 Jun 2022)

  Changed paths:
    M crypto/provider_core.c

  Log Message:
  -----------
  Fix a memory leak is ossl_provider_doall_activated

If the callback fails then we don't correctly free providers that were
already in our stack and that we up-refed earlier.

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18413)


  Commit: c4ed6f6f0ee700e0473def049659061dd52fd3fc
      https://github.openssl.org/openssl/openssl/commit/c4ed6f6f0ee700e0473def049659061dd52fd3fc
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-06-02 (Thu, 02 Jun 2022)

  Changed paths:
    M crypto/provider_core.c

  Log Message:
  -----------
  Don't call ossl_provider_free() without first setting refcnt

The function ossl_provider_free() decrements the refcnt of the
provider and frees it if it has reached 0. This only works if the
refcnt has already been initialised. We must only call
ossl_provider_free() after this initialisation - otherwise it will fail
to free the provider correctly.

Addresses the issue mentioned here:
https://github.com/openssl/openssl/pull/18355#issuecomment-1138741857

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18417)


Compare: https://github.openssl.org/openssl/openssl/compare/2cba2e160d5b...c4ed6f6f0ee7

More information about the openssl-commits mailing list