From b56e3b6f404550122f43dc8bbb2d822aedb0d716 Mon Sep 17 00:00:00 2001
From: miod <>
Date: Fri, 26 Sep 2014 19:31:09 +0000
Subject: X509_issuer_and_serial_hash(): do not leak memory if an error occurs during the first EVP block.
ok tedu@
---
 src/lib/libcrypto/x509/x509_cmp.c | 4 +++-
 src/lib/libssl/src/crypto/x509/x509_cmp.c | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)
(limited to 'src')
diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c
index e783683f3a..030e29bde7 100644
--- a/src/lib/libcrypto/x509/x509_cmp.c
+++ b/src/lib/libcrypto/x509/x509_cmp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_cmp.c,v 1.24 2014/07/13 11:15:54 miod Exp $ */
+/* $OpenBSD: x509_cmp.c,v 1.25 2014/09/26 19:31:09 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -100,6 +100,7 @@ X509_issuer_and_serial_hash(X509 *a)
 if (!EVP_DigestUpdate(&ctx, (unsigned char *)f, strlen(f)))
 goto err;
 free(f);
+ f = NULL;
 if (!EVP_DigestUpdate(&ctx,
 (unsigned char *)a->cert_info->serialNumber->data,
 (unsigned long)a->cert_info->serialNumber->length))
@@ -112,6 +113,7 @@ X509_issuer_and_serial_hash(X509 *a)
 err:
 EVP_MD_CTX_cleanup(&ctx);
+ free(f);
 return (ret);
 }
 #endif
diff --git a/src/lib/libssl/src/crypto/x509/x509_cmp.c b/src/lib/libssl/src/crypto/x509/x509_cmp.c
index e783683f3a..030e29bde7 100644
--- a/src/lib/libssl/src/crypto/x509/x509_cmp.c
+++ b/src/lib/libssl/src/crypto/x509/x509_cmp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_cmp.c,v 1.24 2014/07/13 11:15:54 miod Exp $ */
+/* $OpenBSD: x509_cmp.c,v 1.25 2014/09/26 19:31:09 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -100,6 +100,7 @@ X509_issuer_and_serial_hash(X509 *a)
 if (!EVP_DigestUpdate(&ctx, (unsigned char *)f, strlen(f)))
 goto err;
 free(f);
+ f = NULL;
 if (!EVP_DigestUpdate(&ctx,
 (unsigned char *)a->cert_info->serialNumber->data,
 (unsigned long)a->cert_info->serialNumber->length))
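Review bot: In the `@@ -100,6 +100,7 @@` hunk of src/lib/libcrypto/x509/x509_cmp.c, `strlen(f)` is evaluated with no NULL check visible before it. The assignment of `f` lies above the hunk, so this is inferred: if `f` comes from an allocating helper that can return NULL, the first `EVP_DigestUpdate()` call dereferences NULL. A guard such as `if (f == NULL) goto err;` ahead of that call would close this, and it is harmless on the cleanup path because `free(NULL)` is a no-op. The identical hunk in src/lib/libssl/src/crypto/x509/x509_cmp.c needs the same guard.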
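Review bot: The `free(f)` added under `err:` in the `@@ -112,6 +113,7 @@` hunk of src/lib/libcrypto/x509/x509_cmp.c is only correct if `f` is either NULL or a live allocation on every path that reaches the label, including the success path that falls through. The `f = NULL;` added in the earlier hunk covers the fall-through, but the declaration of `f` and any `goto err` taken before its first assignment are outside the hunk and should be confirmed; if such a path exists, declare it as `char *f = NULL;`. A short comment at the label, e.g. `/* f was reset to NULL after its early free(), so this is a no-op on success */`, would keep a later edit from dropping the reset and turning this into a double free. The same applies to the copy in src/lib/libssl/src/crypto/x509/x509_cmp.c.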
@@ -112,6 +113,7 @@ X509_issuer_and_serial_hash(X509 *a)
 err:
 EVP_MD_CTX_cleanup(&ctx);
+ free(f);
 return (ret);
 }
 #endif
-- 
cgit v1.2.3-55-g6feb