[openssl/openssl] e37544: Fix a decoder mem leak on an error path

matt noreply at reply.github.openssl.org
Thu Jun 2 09:52:26 UTC 2022 

  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: e3754495d9fec27c1e765db81be0563b29c1679d
      https://github.openssl.org/openssl/openssl/commit/e3754495d9fec27c1e765db81be0563b29c1679d
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-06-02 (Thu, 02 Jun 2022)

  Changed paths:
    M crypto/encode_decode/decoder_lib.c

  Log Message:
  -----------
  Fix a decoder mem leak on an error path

If an error condition occurs then the the decoder that was up-refed in
ossl_decoder_instance_new can be leaked.

Found due to the error report here:
https://github.com/openssl/openssl/pull/18355#issuecomment-1138205688

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/18410)

(cherry picked from commit 9ec9b968f93e4a8e7c90eb1e717f0d7cd4ab722d)


  Commit: 6a1216d128af920bcc7aead96bd26aee608e7c3f
      https://github.openssl.org/openssl/openssl/commit/6a1216d128af920bcc7aead96bd26aee608e7c3f
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-06-02 (Thu, 02 Jun 2022)

  Changed paths:
    M crypto/encode_decode/decoder_lib.c

  Log Message:
  -----------
  Fix another decoder mem leak on an error path

If pushing the decoder onto a stack fails then we should free the ref
we just created.

Found due to the error report here:
https://github.com/openssl/openssl/pull/18355#issuecomment-1138205688

Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18411)

(cherry picked from commit da3193976380b8bd697a472025ff9f384cbca7af)


  Commit: cf022e7dc19a058c9674525a710038b0a2254653
      https://github.openssl.org/openssl/openssl/commit/cf022e7dc19a058c9674525a710038b0a2254653
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-06-02 (Thu, 02 Jun 2022)

  Changed paths:
    M crypto/provider_core.c

  Log Message:
  -----------
  Fix a memory leak is ossl_provider_doall_activated

If the callback fails then we don't correctly free providers that were
already in our stack and that we up-refed earlier.

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18413)

(cherry picked from commit b4be10dfcd370960cecfda9773e1bfcc568a7390)


  Commit: 13bc9889cb2a19613397fd5f26ee60f2b031432b
      https://github.openssl.org/openssl/openssl/commit/13bc9889cb2a19613397fd5f26ee60f2b031432b
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-06-02 (Thu, 02 Jun 2022)

  Changed paths:
    M crypto/provider_core.c

  Log Message:
  -----------
  Don't call ossl_provider_free() without first setting refcnt

The function ossl_provider_free() decrements the refcnt of the
provider and frees it if it has reached 0. This only works if the
refcnt has already been initialised. We must only call
ossl_provider_free() after this initialisation - otherwise it will fail
to free the provider correctly.

Addresses the issue mentioned here:
https://github.com/openssl/openssl/pull/18355#issuecomment-1138741857

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18417)

(cherry picked from commit c4ed6f6f0ee700e0473def049659061dd52fd3fc)


Compare: https://github.openssl.org/openssl/openssl/compare/3c7d97b6bb17...13bc9889cb2a

More information about the openssl-commits mailing list