Don't leak an ASN1_OCTET_STRING on error in rsa_cms_encrypt

The rsa_cms_encrypt() function allocates an ASN1_OCTET_STRING but can then fail to free it in an error condition. Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Matt Caswell <matt@openssl.org> 2016-04-27 14:13:59 +0100
committer: Matt Caswell <matt@openssl.org> 2016-04-28 13:13:09 +0100
commit: 5e8129f278f5358243b4a8b3651e795d6a32696d (patch)
tree: 537f2ebba6c3965b8de4ecb42a687137585d479c /crypto/rsa
parent: d54ac5c4bfcb75967960492de31a83fbc7c46673 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index 4ff2665d60..abb357e5b8 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -849,10 +849,11 @@ static int rsa_cms_encrypt(CMS_RecipientInfo *ri)
     if (!rsa_md_to_mgf1(&oaep->maskGenFunc, mgf1md))
         goto err;
     if (labellen > 0) {
-        ASN1_OCTET_STRING *los = ASN1_OCTET_STRING_new();
+        ASN1_OCTET_STRING *los;
         oaep->pSourceFunc = X509_ALGOR_new();
         if (oaep->pSourceFunc == NULL)
             goto err;
+        los = ASN1_OCTET_STRING_new();
         if (los == NULL)
             goto err;
         if (!ASN1_OCTET_STRING_set(los, label, labellen)) {
author	Matt Caswell <matt@openssl.org>	2016-04-27 14:13:59 +0100
committer	Matt Caswell <matt@openssl.org>	2016-04-28 13:13:09 +0100
commit	5e8129f278f5358243b4a8b3651e795d6a32696d (patch)
tree	537f2ebba6c3965b8de4ecb42a687137585d479c /crypto/rsa
parent	d54ac5c4bfcb75967960492de31a83fbc7c46673 (diff)