[openssl/openssl] 4befe8: Fix mem leak in ECDSA_sign().

Shane noreply at github.com
Fri Mar 31 19:02:37 UTC 2023


  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 4befe81a99b89c52b749a87eece82c1cba4fab12
      https://github.com/openssl/openssl/commit/4befe81a99b89c52b749a87eece82c1cba4fab12
  Author: slontis <shane.lontis at oracle.com>
  Date:   2023-03-31 (Fri, 31 Mar 2023)

  Changed paths:
    M crypto/ec/ecdsa_ossl.c
    M crypto/sm2/sm2_sign.c
    M test/ecdsatest.c

  Log Message:
  -----------
  Fix mem leak in ECDSA_sign().

Similiar to the issue found in PR #20553 for DSA_sign().
ECDSA_sign() leaked memory if the signature was NULL
when i2d_ECDSA_SIG was called.

Note that this does not affect the higher level EVP
functions as they correctly handle NULL.

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Todd Short <todd.short at me.com>
(Merged from https://github.com/openssl/openssl/pull/20554)




More information about the openssl-commits mailing list