diff options
author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2023-09-06 14:06:52 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-09-08 09:21:08 +0200 |
commit | 0c4f6a445535efa10245810ed0647d14271fb1a7 (patch) | |
tree | da3bdea17085ee37c44dda9a9250d6328a77f0f5 /crypto | |
parent | 137e3a9ac07706a8ec65f2afd31236d9180ad4f0 (diff) |
Fix a possible memleak in SRP_VBASE_new
In the error handling case the memory in
vb->users_pwd was accidentally not released.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21981)
(cherry picked from commit 68e95f7840d0d8ac4e5e03381cf9d305578dd1c7)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/srp/srp_vfy.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/srp/srp_vfy.c b/crypto/srp/srp_vfy.c index e8beb60d27..edcfb0c76e 100644 --- a/crypto/srp/srp_vfy.c +++ b/crypto/srp/srp_vfy.c @@ -283,6 +283,7 @@ SRP_VBASE *SRP_VBASE_new(char *seed_key) return NULL; if ((vb->users_pwd = sk_SRP_user_pwd_new_null()) == NULL || (vb->gN_cache = sk_SRP_gN_cache_new_null()) == NULL) { + sk_SRP_user_pwd_free(vb->users_pwd); OPENSSL_free(vb); return NULL; } |