author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2023-01-16 15:48:24 +0100 |
---|---|---|
committer | Hugo Landau <hlandau@openssl.org> | 2023-05-10 18:35:51 +0100 |
commit | 20d4dc8898edc12806ead2100ac09b907662aff6 (patch) | |
tree | a5d6f3f6e86ae4a12473a1d28a03785a3e57724f /apps | |
parent | 30b9a6ec89d97152b5a564b3acf3a94ee57185a7 (diff) |
CMP app: fix deallocated host/port fields in APP_HTTP_TLS_INFO
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20034)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/cmp.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/apps/cmp.c b/apps/cmp.c
index bfbfa9ce8a..ec60e677c1 100644
--- a/apps/cmp.c
+++ b/apps/cmp.c
@@ -1952,12 +1952,14 @@ static int setup_client_ctx(OSSL_CMP_CTX *ctx, ENGINE *engine)
 if ((info = OPENSSL_zalloc(sizeof(*info))) == NULL)
 goto err;
 (void)OSSL_CMP_CTX_set_http_cb_arg(ctx, info);
+ info->ssl_ctx = setup_ssl_ctx(ctx, host, engine);
 info->server = host;
- info->port = server_port;
+ host = NULL; /* prevent deallocation */
+ if ((info->port = OPENSSL_strdup(server_port)) == NULL)
+ goto err;
 /* workaround for callback design flaw, see #17088: */
 info->use_proxy = proxy_host != NULL;
 info->timeout = OSSL_CMP_CTX_get_option(ctx, OSSL_CMP_OPT_MSG_TIMEOUT);
- info->ssl_ctx = setup_ssl_ctx(ctx, host, engine);
 if (info->ssl_ctx == NULL)
 goto err;
@@ -3099,7 +3101,11 @@ int cmp_main(int argc, char **argv)
 /* cannot free info already here, as it may be used indirectly by: */
 OSSL_CMP_CTX_free(cmp_ctx);
 #ifndef OPENSSL_NO_SOCK
- APP_HTTP_TLS_INFO_free(info);
+ if (info != NULL) {
+ OPENSSL_free((char *)info->server);
+ OPENSSL_free((char *)info->port);
+ APP_HTTP_TLS_INFO_free(info);
+ }
 #endif
 }
 X509_VERIFY_PARAM_free(vpm); |
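Review bot: The result of `setup_ssl_ctx()` is now tested several statements after the call, once `host` has been handed to `info` and `server_port` has been duplicated, so a TLS setup failure still performs the `OPENSSL_strdup()` before reaching `goto err`. Nothing visible makes that unsafe, but the failure path is easier to audit when the check sits on the call itself: `if ((info->ssl_ctx = setup_ssl_ctx(ctx, host, engine)) == NULL) goto err;`. With that form `host` is still owned by the local variable on failure, which the function's cleanup presumably frees, as the `/* prevent deallocation */` comment implies. The body of setup_client_ctx starts and ends outside the hunk, so the cleanup label could not be checked here.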
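Review bot: The two `OPENSSL_free()` calls make `cmp_main()` responsible for memory that `setup_client_ctx()` attached to `info`, and neither hunk states that contract. The `(char *)` casts suggest the fields are declared `const char *`, which normally reads as "borrowed", so a later change that stores a non-heap or shared string in `info->server` or `info->port` would turn this cleanup into an invalid or double free. A comment above the block would record the rule, for example `/* info->server and info->port are heap copies owned by info, set in setup_client_ctx() */`. If other users of APP_HTTP_TLS_INFO keep borrowed pointers in these fields, the release cannot move into `APP_HTTP_TLS_INFO_free()`, which may be why it is done here; that is worth saying in the comment too. cmp_main continues outside the hunk.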