projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6ed34b3)
Fix a memory leak in CONF .include handling
authorMatt Caswell <matt@openssl.org>
Fri, 1 May 2020 14:15:13 +0000 (15:15 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 6 May 2020 10:40:53 +0000 (11:40 +0100)
If OPENSSL_CONF_INCLUDE has been set then we may leak the "include"
buffer.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11691)

crypto/conf/conf_def.c patch | blob | history

diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index 9dbda10edfd8f864b36fca9f73d1e501a43502cd..6efe291ac84dc6a4e3e9d30211a7a20a8ad8478c 100644 (file)
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -420,6 +420,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
                     OPENSSL_strlcpy(include_path, include_dir, newlen);
                     OPENSSL_strlcat(include_path, "/", newlen);
                     OPENSSL_strlcat(include_path, include, newlen);
                     OPENSSL_strlcpy(include_path, include_dir, newlen);
                     OPENSSL_strlcat(include_path, "/", newlen);
                     OPENSSL_strlcat(include_path, include, newlen);
+                    OPENSSL_free(include);
                 } else {
                     include_path = include;
                 }
                 } else {
                     include_path = include;
                 }
@@ -429,15 +430,11 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
                 next = process_include(include_path, &dirctx, &dirpath);
                 if (include_path != dirpath) {
                     /* dirpath will contain include in case of a directory */
                 next = process_include(include_path, &dirctx, &dirpath);
                 if (include_path != dirpath) {
                     /* dirpath will contain include in case of a directory */
-                    OPENSSL_free(include);
-                    if (include_path != include)
-                        OPENSSL_free(include_path);
+                    OPENSSL_free(include_path);
                 }
 #else
                 next = BIO_new_file(include_path, "r");
                 }
 #else
                 next = BIO_new_file(include_path, "r");
-                OPENSSL_free(include);
-                if (include_path != include)
-                    OPENSSL_free(include_path);
+                OPENSSL_free(include_path);
 #endif
 
                 if (next != NULL) {
 #endif
 
                 if (next != NULL) {
Unnamed repository; edit this file 'description' to name the repository.