diff options
author | slontis <shane.lontis@oracle.com> | 2023-03-21 16:06:06 +1000 |
---|---|---|
committer | Todd Short <todd.short@me.com> | 2023-03-31 14:57:47 -0400 |
commit | 4befe81a99b89c52b749a87eece82c1cba4fab12 (patch) | |
tree | d9f7b48b1ab3ddb6e2eb2bc781c653f600ab3c6b /crypto/sm2 | |
parent | 027226eb229c41d7066366a8b9ef8241da7500bd (diff) |
Fix mem leak in ECDSA_sign().
Similiar to the issue found in PR #20553 for DSA_sign().
ECDSA_sign() leaked memory if the signature was NULL
when i2d_ECDSA_SIG was called.
Note that this does not affect the higher level EVP
functions as they correctly handle NULL.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/20554)
Diffstat (limited to 'crypto/sm2')
-rw-r--r-- | crypto/sm2/sm2_sign.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/sm2/sm2_sign.c b/crypto/sm2/sm2_sign.c index 7113f4740b..67c61b1dcd 100644 --- a/crypto/sm2/sm2_sign.c +++ b/crypto/sm2/sm2_sign.c @@ -461,7 +461,7 @@ int ossl_sm2_internal_sign(const unsigned char *dgst, int dgstlen, goto done; } - sigleni = i2d_ECDSA_SIG(s, &sig); + sigleni = i2d_ECDSA_SIG(s, sig != NULL ? &sig : NULL); if (sigleni < 0) { ERR_raise(ERR_LIB_SM2, ERR_R_INTERNAL_ERROR); goto done; |