[openssl-users] Calling CMS_decrypt on the same CMS_ContentInfo instance as CMS_encrypt causes memory leak
Andrei Hîrgău
hirgauandrei at gmail.com
Tue Jan 16 13:11:52 UTC 2018
Hi,
There seems to be an issue with CMS_decrypt. It seems that if we have
code like this:
CMS_ContentInfo* ci = CMS_encrypt(...);
CMS_decrypt(ci, ...);
CMS_ContentInfo_free(ci);
we leak the X509 certificate's public key. If the call to CMS_decrypt
is commented out, then no leak happens, as the key is freed by the
call to CMS_ContentInfo_free. I created this issue[1] with a concrete
example of this case.
Is the expectation here that if you call CMS_decrypt on the same
CMS_ContentInfo instance then you have to call EVP_PKEY_free on the
public key twice? Does anyone have any thoughts on this?
[1] https://github.com/openssl/openssl/issues/5052
More information about the openssl-users
mailing list