diff options
| author | Yuchi <yt8mn@virginia.edu> | 2017-02-05 19:33:47 -0500 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2017-02-14 10:27:08 +0000 |
| commit | b37fce59cb7c48776361ac8cb8a808793016eefd (patch) | |
| tree | 6eda75be64ab79bdc1e90e3ec73e8ae9a05e7d4d | |
| parent | 955286c9f38c11b8be719d632fa9267eb13467f8 (diff) | |
mem leak on error path and error propagation fix
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2559)
(cherry picked from commit e0670973d5c0b837eb5a9f1670e47107f466fbc7)
| -rw-r--r-- | apps/ts.c | 8 | ||||
| -rw-r--r-- | crypto/ec/ec_ameth.c | 4 | ||||
| -rw-r--r-- | ssl/ssl_ciph.c | 2 |
3 files changed, 11 insertions, 3 deletions
@@ -890,9 +890,15 @@ static TS_VERIFY_CTX *create_verify_ctx(const char *data, const char *digest, goto err; f = TS_VFY_VERSION | TS_VFY_SIGNER; if (data != NULL) { + BIO *out = NULL; + f |= TS_VFY_DATA; - if (TS_VERIFY_CTX_set_data(ctx, BIO_new_file(data, "rb")) == NULL) + if ((out = BIO_new_file(data, "rb")) == NULL) + goto err; + if (TS_VERIFY_CTX_set_data(ctx, out) == NULL) { + BIO_free_all(out); goto err; + } } else if (digest != NULL) { long imprint_len; unsigned char *hexstr = OPENSSL_hexstr2buf(digest, &imprint_len); diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index 66437e0da5..fa5bd0318c 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -254,8 +254,10 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) } if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0, - ptype, pval, ep, eplen)) + ptype, pval, ep, eplen)) { + OPENSSL_free(ep); return 0; + } return 1; } diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 99b64bb967..dad2ec176d 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -1827,7 +1827,7 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) if (id < 193 || id > 255) { SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE); - return 0; + return 1; } CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE); |