From 84434e691df1ed46e8e7da3ec52b6891eaa3b82a Mon Sep 17 00:00:00 2001
From: inoguchi <>
Date: Sun, 16 Jan 2022 07:11:49 +0000
Subject: Avoid memory leak in error path with openssl(1) cms

CID 345314 345320

ok tb@
---
 src/usr.bin/openssl/cms.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/usr.bin/openssl/cms.c b/src/usr.bin/openssl/cms.c
index 8d066e5a55..5b876941fb 100644
--- a/src/usr.bin/openssl/cms.c
+++ b/src/usr.bin/openssl/cms.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cms.c,v 1.28 2022/01/08 06:05:39 inoguchi Exp $ */
+/* $OpenBSD: cms.c,v 1.29 2022/01/16 07:11:49 inoguchi Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
@@ -1395,6 +1395,7 @@ cms_main(int argc, char **argv)
 				BIO_printf(bio_err,
 				    "Error writing certs to %s\n",
 				    cms_config.certsoutfile);
+				sk_X509_pop_free(allcerts, X509_free);
 				ret = 5;
 				goto end;
 			}
@@ -1695,6 +1696,7 @@ cms_main(int argc, char **argv)
 				BIO_printf(bio_err,
 				    "Error writing signers to %s\n",
 				    cms_config.signerfile);
+				sk_X509_free(signers);
 				ret = 5;
 				goto end;
 			}
-- 
cgit v1.2.3-55-g6feb