These are newly introduced memory leaks and UAF in evp_test.c
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24339)
return -1;
if (!TEST_ptr(*buf = OPENSSL_hexstr2buf(chunk, &len))) {
OPENSSL_free(chunk);
- TEST_info("Can't convert chunk %s", chunk);
TEST_openssl_errors();
return -1;
}
+ OPENSSL_free(chunk);
*buflen = len;
}
*out_offset = value[0] == '"' ? offset + (*buflen) : offset + 2 * (*buflen);
if (data_chunk_size != 0 && !cipher_test_valid_fragmentation(cdat)) {
ERR_pop_to_mark();
+ EVP_CIPHER_free(fetched_cipher);
+ OPENSSL_free(cdat);
t->skip = 1;
TEST_info("skipping, '%s' does not support fragmentation", alg);
return 1;