If we get a failure during evp_pkey_copy_downgraded() and on entry *dest
was NULL then we leak the EVP_PKEY that was automatically allocated and
stored in *dest.
Found due to this comment:
https://github.com/openssl/openssl/pull/18355#issuecomment-
1145028315
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18470)
#ifndef FIPS_MODULE
int evp_pkey_copy_downgraded(EVP_PKEY **dest, const EVP_PKEY *src)
{
+ EVP_PKEY *allocpkey = NULL;
+
if (!ossl_assert(dest != NULL))
return 0;
/* Make sure we have a clean slate to copy into */
if (*dest == NULL) {
- *dest = EVP_PKEY_new();
+ allocpkey = *dest = EVP_PKEY_new();
if (*dest == NULL) {
ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
return 0;
}
}
+ if (allocpkey != NULL) {
+ EVP_PKEY_free(allocpkey);
+ *dest = NULL;
+ }
return 0;
}