From d787c292196f9476b2c3d608a900d8b1f334c13a Mon Sep 17 00:00:00 2001
From: tb <>
Date: Mon, 3 Nov 2025 14:29:50 +0000
Subject: Plug memeory leak in CMS_EncryptedData_encrypt()

If CMS_EncryptedData_set1_key() fails, cms is leaked.

From Niels Dossche
---
 src/lib/libcrypto/cms/cms_smime.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/cms/cms_smime.c b/src/lib/libcrypto/cms/cms_smime.c
index 85a0e6f6e5..a8ddf7c67c 100644
--- a/src/lib/libcrypto/cms/cms_smime.c
+++ b/src/lib/libcrypto/cms/cms_smime.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cms_smime.c,v 1.29 2025/05/10 05:54:38 tb Exp $ */
+/* $OpenBSD: cms_smime.c,v 1.30 2025/11/03 14:29:50 tb Exp $ */
 /*
  * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
@@ -286,8 +286,10 @@ CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
 	cms = CMS_ContentInfo_new();
 	if (cms == NULL)
 		return NULL;
-	if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen))
+	if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen)) {
+		CMS_ContentInfo_free(cms);
 		return NULL;
+	}
 
 	if (!(flags & CMS_DETACHED))
 		CMS_set_detached(cms, 0);
-- 
cgit v1.2.3-55-g6feb