diff options
author | slontis <shane.lontis@oracle.com> | 2023-02-17 09:51:59 +1000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-12-29 10:42:38 +0100 |
commit | 7e3f84b41984442dae698bf4d7e593d2eed1c3c4 (patch) | |
tree | a0f0a699254823f5a5640e063477f67aea631d19 | |
parent | aa50768bf6d0a987028175c4a3cac8a142b15941 (diff) |
Fix memleak in rsa_cms_decrypt
If a call to EVP_PKEY_CTX_set_rsa_mgf1_md() fails then the caller
needs to free the label.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20319)
(cherry picked from commit d32dd65053431ee744d213b336b9a03a035807e6)
-rw-r--r-- | crypto/cms/cms_rsa.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/crypto/cms/cms_rsa.c b/crypto/cms/cms_rsa.c index 68545e5fb7..12bc818438 100644 --- a/crypto/cms/cms_rsa.c +++ b/crypto/cms/cms_rsa.c @@ -99,8 +99,10 @@ static int rsa_cms_decrypt(CMS_RecipientInfo *ri) if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0) goto err; if (label != NULL - && EVP_PKEY_CTX_set0_rsa_oaep_label(pkctx, label, labellen) <= 0) + && EVP_PKEY_CTX_set0_rsa_oaep_label(pkctx, label, labellen) <= 0) { + OPENSSL_free(label); goto err; + } /* Carry on */ rv = 1; |