[openssl/openssl] f77057: free oaep label-octet-string on error
James Muir
noreply at github.com
Mon Oct 30 08:00:14 UTC 2023
Branch: refs/heads/openssl-3.2
Home: https://github.com/openssl/openssl
Commit: f77057815be474528ad0e798e08bc9b36a7d4a4d
https://github.com/openssl/openssl/commit/f77057815be474528ad0e798e08bc9b36a7d4a4d
Author: James Muir <james at openssl.org>
Date: 2023-10-30 (Mon, 30 Oct 2023)
Changed paths:
M crypto/cms/cms_rsa.c
Log Message:
-----------
free oaep label-octet-string on error
When successful, ossl_X509_ALGOR_from_nid() returns a pointer to an
X509_ALGOR object. Inside ossl_X509_ALGOR_from_nid(),
X509_ALGOR_set0() is called, and this passes ownership of the ASN1
object "los" (label octet string) to the X509_ALGOR object. When
ossl_X509_ALGOR_from_nid() fails, ownership has not been passed on and
we need to free "los".
Change the scope of "los" and ensure it is freed on failure (on
success, set it to NULL so it is not freed inside the function).
Fixes #22336
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22495)
(cherry picked from commit 83efd7170bfa48a3263fcf8c771a6029646e8ad2)
More information about the openssl-commits
mailing list