From a26635e0d7f3228035ae1d0d110ea88479f84754 Mon Sep 17 00:00:00 2001
From: Bernd Edlinger <bernd.edlinger@hotmail.de>
Date: Sun, 10 Dec 2023 15:07:08 +0100
Subject: Fix a possible memory leak in dh_cms_encrypt

Add a missing check of the return code of X509_ALGOR_set0,
otherwise the ASN1_STRING object wrap_str may be leaked.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22998)
---
 crypto/cms/cms_dh.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'crypto')

diff --git a/crypto/cms/cms_dh.c b/crypto/cms/cms_dh.c
index 9509796317..2f54ed2673 100644
--- a/crypto/cms/cms_dh.c
+++ b/crypto/cms/cms_dh.c
@@ -316,10 +316,10 @@ static int dh_cms_encrypt(CMS_RecipientInfo *ri)
         goto err;
     ASN1_STRING_set0(wrap_str, penc, penclen);
     penc = NULL;
-    X509_ALGOR_set0(talg, OBJ_nid2obj(NID_id_smime_alg_ESDH),
-                    V_ASN1_SEQUENCE, wrap_str);
-
-    rv = 1;
+    rv = X509_ALGOR_set0(talg, OBJ_nid2obj(NID_id_smime_alg_ESDH),
+                         V_ASN1_SEQUENCE, wrap_str);
+    if (!rv)
+        ASN1_STRING_free(wrap_str);
 
  err:
     OPENSSL_free(penc);
-- 
cgit v1.2.3