From e0670973d5c0b837eb5a9f1670e47107f466fbc7 Mon Sep 17 00:00:00 2001 From: Yuchi Date: Sun, 5 Feb 2017 19:33:47 -0500 Subject: [PATCH] mem leak on error path and error propagation fix Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/2559) --- apps/ts.c | 8 +++++++- crypto/ec/ec_ameth.c | 4 +++- ssl/ssl_ciph.c | 2 +- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/apps/ts.c b/apps/ts.c index 6c0adb1423..0db6b509f8 100644 --- a/apps/ts.c +++ b/apps/ts.c @@ -887,9 +887,15 @@ static TS_VERIFY_CTX *create_verify_ctx(const char *data, const char *digest, goto err; f = TS_VFY_VERSION | TS_VFY_SIGNER; if (data != NULL) { + BIO *out = NULL; + f |= TS_VFY_DATA; - if (TS_VERIFY_CTX_set_data(ctx, BIO_new_file(data, "rb")) == NULL) + if ((out = BIO_new_file(data, "rb")) == NULL) + goto err; + if (TS_VERIFY_CTX_set_data(ctx, out) == NULL) { + BIO_free_all(out); goto err; + } } else if (digest != NULL) { long imprint_len; unsigned char *hexstr = OPENSSL_hexstr2buf(digest, &imprint_len); diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index 66437e0da5..fa5bd0318c 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -254,8 +254,10 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) } if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0, - ptype, pval, ep, eplen)) + ptype, pval, ep, eplen)) { + OPENSSL_free(ep); return 0; + } return 1; } diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index d28b53df92..93da3dc19c 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -1838,7 +1838,7 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) if (id < 193 || id > 255) { SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE); - return 0; + return 1; } CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE); -- 2.34.1