diff options
author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2023-11-14 02:42:42 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2023-11-22 09:55:42 +0100 |
commit | 1ef520045556c4b5ada3a6c63d32a41b5d084165 (patch) | |
tree | c56f5218edf8c88d888e579bf37d0da9d03fff25 /crypto | |
parent | 92889328fbbb2344339f7c90afc449f6eb9b11a6 (diff) |
Fix possible memleak in PKCS7_add0_attrib_signing_time
When PKCS7_add_signed_attribute fails, the ASN1_TIME
object may be leaked when it was not passed in as
input parameter.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22772)
(cherry picked from commit 7d52539f00144cb410c4e9d8da0b9574c0badb19)
(cherry picked from commit e83a231d3e1da1a55260503a06365b1950985933)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/pkcs7/pk7_attr.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/crypto/pkcs7/pk7_attr.c b/crypto/pkcs7/pk7_attr.c index d02b6fd3d1..80b128c304 100644 --- a/crypto/pkcs7/pk7_attr.c +++ b/crypto/pkcs7/pk7_attr.c @@ -99,12 +99,18 @@ int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid) int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t) { - if (t == NULL && (t = X509_gmtime_adj(NULL, 0)) == NULL) { + ASN1_TIME *tmp = NULL; + + if (t == NULL && (tmp = t = X509_gmtime_adj(NULL, 0)) == NULL) { ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE); return 0; } - return PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime, - V_ASN1_UTCTIME, t); + if (!PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime, + V_ASN1_UTCTIME, t)) { + ASN1_TIME_free(tmp); + return 0; + } + return 1; } int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si, |