diff options
author | slontis <shane.lontis@oracle.com> | 2022-06-24 14:01:07 +1000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-06-28 17:08:42 +0200 |
commit | a99b372157561560da526e212a5c6a74e1cd2d82 (patch) | |
tree | 6f1f19ab3edd362de24abab1f0541cd4eac89e38 | |
parent | 23b7dd6a1646f6050a7c9e43508999773e8a8805 (diff) |
Fix memory leak in ossl_rsa_fromdata.
Occurs if a malloc failure happens inside collect_numbers()
Reported via #18365
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18646)
(cherry picked from commit 28adea95975c3ea53fc590efda35dee13efd4767)
-rw-r--r-- | crypto/rsa/rsa_backend.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c index 254ebdb242..58187fa2ef 100644 --- a/crypto/rsa/rsa_backend.c +++ b/crypto/rsa/rsa_backend.c @@ -49,9 +49,12 @@ static int collect_numbers(STACK_OF(BIGNUM) *numbers, if (p != NULL) { BIGNUM *tmp = NULL; - if (!OSSL_PARAM_get_BN(p, &tmp) - || sk_BIGNUM_push(numbers, tmp) == 0) + if (!OSSL_PARAM_get_BN(p, &tmp)) return 0; + if (sk_BIGNUM_push(numbers, tmp) == 0) { + BN_clear_free(tmp); + return 0; + } } } |