Don't leak an ASN1_OCTET_STRING on error in rsa_cms_encrypt
authorMatt Caswell <matt@openssl.org>
Wed, 27 Apr 2016 13:13:59 +0000 (14:13 +0100)
committerMatt Caswell <matt@openssl.org>
Thu, 28 Apr 2016 12:13:09 +0000 (13:13 +0100)
The rsa_cms_encrypt() function allocates an ASN1_OCTET_STRING but can
then fail to free it in an error condition.

Reviewed-by: Richard Levitte <levitte@openssl.org>
crypto/rsa/rsa_ameth.c

index 4ff2665d60f9c177cd2afd95f676714a918b72e0..abb357e5b8d9861e7d25e6d41a691fe54f482337 100644 (file)
@@ -849,10 +849,11 @@ static int rsa_cms_encrypt(CMS_RecipientInfo *ri)
     if (!rsa_md_to_mgf1(&oaep->maskGenFunc, mgf1md))
         goto err;
     if (labellen > 0) {
-        ASN1_OCTET_STRING *los = ASN1_OCTET_STRING_new();
+        ASN1_OCTET_STRING *los;
         oaep->pSourceFunc = X509_ALGOR_new();
         if (oaep->pSourceFunc == NULL)
             goto err;
+        los = ASN1_OCTET_STRING_new();
         if (los == NULL)
             goto err;
         if (!ASN1_OCTET_STRING_set(los, label, labellen)) {