diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2022-10-14 12:56:54 +0200 |
|---|---|---|
| committer | Dr. David von Oheimb <dev@ddvo.net> | 2022-11-25 09:05:47 +0100 |
| commit | 911045afda06bec038ccd15e9f849bff05b6f1ee (patch) | |
| tree | 098e4b73288c4eecd0ff42b32af086ab79ef176e | |
| parent | 25dd78048b69c2a780ab1a5378b62447c77a5e75 (diff) | |
CMS_decrypt_set1_password(): prevent mem leak on any previously set decryption key
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19222)
| -rw-r--r-- | crypto/cms/cms_smime.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c index e49c611a28..6a94d6c5e8 100644 --- a/crypto/cms/cms_smime.c +++ b/crypto/cms/cms_smime.c @@ -703,7 +703,7 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert) int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert, X509 *peer) { - STACK_OF(CMS_RecipientInfo) *ris; + STACK_OF(CMS_RecipientInfo) *ris = CMS_get0_RecipientInfos(cms); CMS_RecipientInfo *ri; int i, r, cms_pkey_ri_type; int debug = 0, match_ri = 0; @@ -714,7 +714,6 @@ int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms, EVP_PKEY *pk, ec->key = NULL; ec->keylen = 0; - ris = CMS_get0_RecipientInfos(cms); if (ris != NULL) debug = ec->debug; @@ -825,11 +824,16 @@ int CMS_decrypt_set1_key(CMS_ContentInfo *cms, int CMS_decrypt_set1_password(CMS_ContentInfo *cms, unsigned char *pass, ossl_ssize_t passlen) { - STACK_OF(CMS_RecipientInfo) *ris; + STACK_OF(CMS_RecipientInfo) *ris = CMS_get0_RecipientInfos(cms); CMS_RecipientInfo *ri; int i, r; + CMS_EncryptedContentInfo *ec = ossl_cms_get0_env_enc_content(cms); + + /* Prevent mem leak on earlier CMS_decrypt_set1_{pkey_and_peer,password} */ + OPENSSL_clear_free(ec->key, ec->keylen); + ec->key = NULL; + ec->keylen = 0; - ris = CMS_get0_RecipientInfos(cms); for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) { ri = sk_CMS_RecipientInfo_value(ris, i); if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_PASS) |