diff options
| author | slontis <shane.lontis@oracle.com> | 2022-06-24 14:01:07 +1000 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2022-06-28 17:07:53 +0200 |
| commit | 28adea95975c3ea53fc590efda35dee13efd4767 (patch) | |
| tree | 9a4e064d87729a680bace30a757e29b99df7b4db /crypto/rsa | |
| parent | 995eccb611431a4857cac3283e2442c01109d428 (diff) | |
Fix memory leak in ossl_rsa_fromdata.
Occurs if a malloc failure happens inside collect_numbers()
Reported via #18365
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18646)
Diffstat (limited to 'crypto/rsa')
| -rw-r--r-- | crypto/rsa/rsa_backend.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c index b69c94fc11..bc658d9d30 100644 --- a/crypto/rsa/rsa_backend.c +++ b/crypto/rsa/rsa_backend.c @@ -49,9 +49,12 @@ static int collect_numbers(STACK_OF(BIGNUM) *numbers, if (p != NULL) { BIGNUM *tmp = NULL; - if (!OSSL_PARAM_get_BN(p, &tmp) - || sk_BIGNUM_push(numbers, tmp) == 0) + if (!OSSL_PARAM_get_BN(p, &tmp)) return 0; + if (sk_BIGNUM_push(numbers, tmp) == 0) { + BN_clear_free(tmp); + return 0; + } } } |