[openssl/openssl] ebe874: Fix possible double-free in pkcs7 add_attribute fu...
Bernd Edlinger
noreply at github.com
Mon Jul 8 10:28:01 UTC 2024
Branch: refs/heads/openssl-3.1
Home: https://github.com/openssl/openssl
Commit: ebe874a0a510e04f3ff043acd1548abd2eef46cb
https://github.com/openssl/openssl/commit/ebe874a0a510e04f3ff043acd1548abd2eef46cb
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date: 2024-07-08 (Mon, 08 Jul 2024)
Changed paths:
M crypto/pkcs7/pk7_doit.c
Log Message:
-----------
Fix possible double-free in pkcs7 add_attribute function
The problem is the ownership of the input parameter value
is transfered to the X509_ATTRIBUTE object attr, as soon
as X509_ATTRIBUTE_create succeeds, but when an error happens
after that point there is no way to get the ownership back
to the caller, which is necessary to fullfill the API contract.
Fixed that by moving the call to X509_ATTRIBUTE_create to the
end of the function, and make sure that no errors are possible
after that point.
Reviewed-by: Neil Horman <nhorman at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22721)
(cherry picked from commit 82a13a1f5053462f826bfb90061f0f77e3cc98a5)
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
More information about the openssl-commits
mailing list