summaryrefslogtreecommitdiff
path: root/src/lib/libc/stdlib/lsearch.c
diff options
context:
space:
mode:
authortb <>2025-07-31 02:02:35 +0000
committertb <>2025-07-31 02:02:35 +0000
commit5c9cc2d0035cb59dfcacb47001ca9b8392b3732b (patch)
treefebd0c4807ef70a818cceffdfb2a38fcacce470d /src/lib/libc/stdlib/lsearch.c
parentec8cce1dd4e99a67543a272dfa89573835b3d118 (diff)
downloadopenbsd-5c9cc2d0035cb59dfcacb47001ca9b8392b3732b.tar.gz
openbsd-5c9cc2d0035cb59dfcacb47001ca9b8392b3732b.tar.bz2
openbsd-5c9cc2d0035cb59dfcacb47001ca9b8392b3732b.zip
Plug leaks due to misuse of PKCS7_add_signed_attribute()
set0/add0 functions that can fail are the worst. Without fail this trips up both users and authors (by and large these are two identical groups consisting of a single person), resulting in leaks and double frees. In today's episode of spelunking in the gruesome gore provided by the PKCS#7 and Time-Stamp protocol "implementations", we fix a couple of leaks in PKCS7_add_attrib_smimecap() and ESS_add_signing_cert(). We do so by recalling that there is i2d_X509_ALGORS(), so we might as well put it to use instead of inlining it poorly (aka, without error checking). Normalize said error checking and ensure ownership is handled correctly in the usual single-exit idiom. ESS_add_signing_cert() can also make use of proper i2d handling, so it's simpler and correct and in the end looks pretty much the same as PKCS7_add_attrib_smimecap(). ok kenjiro
Diffstat (limited to 'src/lib/libc/stdlib/lsearch.c')
0 files changed, 0 insertions, 0 deletions