Home Explore Help
Register Sign In
OWEALs
/
openssl
mirror of git://git.openssl.org/openssl.git
2
0
Fork 1
Files Issues 1 Wiki
Browse Source

Fix a possible memleak in CMS_sign_receipt

When an error happens after cms_encode_Receipt
the ASN1_OCTET_STRING object "os" may be leaked.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22758)
Bernd Edlinger 5 months ago
parent
ed3d277127
commit
3e3aadd51c
1 changed files with 2 additions and 1 deletions
Split View Show Diff Stats
  1. 2 1
      crypto/cms/cms_smime.c

+ 2 - 1
crypto/cms/cms_smime.c
View File 

@@ -560,7 +560,7 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
 
 {
 
     CMS_SignerInfo *rct_si;
 
     CMS_ContentInfo *cms = NULL;
 
-    ASN1_OCTET_STRING **pos, *os;
 
+    ASN1_OCTET_STRING **pos, *os = NULL;
 
     BIO *rct_cont = NULL;
 
     int r = 0;
 
     const CMS_CTX *ctx = si->cms_ctx;
 
@@ -622,6 +622,7 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
 
     if (r)
 
         return cms;
 
     CMS_ContentInfo_free(cms);
 
+    ASN1_OCTET_STRING_free(os);
 
     return NULL;
 
 
 }