diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2023-05-25 17:46:48 +0200 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2023-06-01 09:56:20 +0200 |
commit | 7a1857483938b6b6eec5b8760c68c71a71296cd2 (patch) | |
tree | 37478834b843aa27ba25fab3ba0ce62b415a0540 | |
parent | 23450cfb9204615e97467e8be6a709141523a59e (diff) |
CMS_ContentInfo_free(): fix mem leak on encrypted content key
Fixes #21026
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21058)
-rw-r--r-- | crypto/cms/cms_env.c | 6 | ||||
-rw-r--r-- | crypto/cms/cms_lib.c | 4 |
2 files changed, 8 insertions, 2 deletions
diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c index 2b06da468e..7c1ab5fa53 100644 --- a/crypto/cms/cms_env.c +++ b/crypto/cms/cms_env.c @@ -142,10 +142,12 @@ CMS_EncryptedContentInfo *ossl_cms_get0_env_enc_content(const CMS_ContentInfo *c { switch (cms_get_enveloped_type(cms)) { case CMS_ENVELOPED_STANDARD: - return cms->d.envelopedData->encryptedContentInfo; + return cms->d.envelopedData == NULL ? NULL + : cms->d.envelopedData->encryptedContentInfo; case CMS_ENVELOPED_AUTH: - return cms->d.authEnvelopedData->authEncryptedContentInfo; + return cms->d.authEnvelopedData == NULL ? NULL + : cms->d.authEnvelopedData->authEncryptedContentInfo; default: return NULL; diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c index a339f471e8..7e2010bff7 100644 --- a/crypto/cms/cms_lib.c +++ b/crypto/cms/cms_lib.c @@ -74,6 +74,10 @@ CMS_ContentInfo *CMS_ContentInfo_new(void) void CMS_ContentInfo_free(CMS_ContentInfo *cms) { if (cms != NULL) { + CMS_EncryptedContentInfo *ec = ossl_cms_get0_env_enc_content(cms); + + if (ec != NULL) + OPENSSL_clear_free(ec->key, ec->keylen); OPENSSL_free(cms->ctx.propq); ASN1_item_free((ASN1_VALUE *)cms, ASN1_ITEM_rptr(CMS_ContentInfo)); } |