summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDr. David von Oheimb <David.von.Oheimb@siemens.com>2023-05-25 17:46:48 +0200
committerDr. David von Oheimb <dev@ddvo.net>2023-06-01 09:56:20 +0200
commit7a1857483938b6b6eec5b8760c68c71a71296cd2 (patch)
tree37478834b843aa27ba25fab3ba0ce62b415a0540
parent23450cfb9204615e97467e8be6a709141523a59e (diff)
CMS_ContentInfo_free(): fix mem leak on encrypted content key
Fixes #21026 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/21058)
Diffstat
-rw-r--r--crypto/cms/cms_env.c6
-rw-r--r--crypto/cms/cms_lib.c4
2 files changed, 8 insertions, 2 deletions
diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c
index 2b06da468e..7c1ab5fa53 100644
--- a/crypto/cms/cms_env.c
+++ b/crypto/cms/cms_env.c
@@ -142,10 +142,12 @@ CMS_EncryptedContentInfo *ossl_cms_get0_env_enc_content(const CMS_ContentInfo *c
{
switch (cms_get_enveloped_type(cms)) {
case CMS_ENVELOPED_STANDARD:
- return cms->d.envelopedData->encryptedContentInfo;
+ return cms->d.envelopedData == NULL ? NULL
+ : cms->d.envelopedData->encryptedContentInfo;
case CMS_ENVELOPED_AUTH:
- return cms->d.authEnvelopedData->authEncryptedContentInfo;
+ return cms->d.authEnvelopedData == NULL ? NULL
+ : cms->d.authEnvelopedData->authEncryptedContentInfo;
default:
return NULL;
diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c
index a339f471e8..7e2010bff7 100644
--- a/crypto/cms/cms_lib.c
+++ b/crypto/cms/cms_lib.c
@@ -74,6 +74,10 @@ CMS_ContentInfo *CMS_ContentInfo_new(void)
void CMS_ContentInfo_free(CMS_ContentInfo *cms)
{
if (cms != NULL) {
+ CMS_EncryptedContentInfo *ec = ossl_cms_get0_env_enc_content(cms);
+
+ if (ec != NULL)
+ OPENSSL_clear_free(ec->key, ec->keylen);
OPENSSL_free(cms->ctx.propq);
ASN1_item_free((ASN1_VALUE *)cms, ASN1_ITEM_rptr(CMS_ContentInfo));
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-18 06:46:34 +0000