Fix a possible memleak in eckey_priv_encode

Additionally use OPENSSL_clear_free on the private key data in case of error. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from #22007)
openssl · Sep 9, 2023 · 7c51c0e · 7c51c0e
1 parent ee60a49
commit 7c51c0e
Showing 1 changed file with 11 additions and 6 deletions.
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
@@ -38,7 +38,6 @@ static int eckey_param2type(int *pptype, void **ppval, const EC_KEY *ec_key)
         ASN1_OBJECT *asn1obj = OBJ_nid2obj(nid);
 
         if (asn1obj == NULL || OBJ_length(asn1obj) == 0) {
-            ASN1_OBJECT_free(asn1obj);
             ECerr(EC_F_ECKEY_PARAM2TYPE, EC_R_MISSING_OID);
             return 0;
         }
@@ -98,9 +97,7 @@ static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
                                ptype, pval, penc, penclen))
         return 1;
  err:
-    if (ptype == V_ASN1_OBJECT)
-        ASN1_OBJECT_free(pval);
-    else
+    if (ptype == V_ASN1_SEQUENCE)
         ASN1_STRING_free(pval);
     OPENSSL_free(penc);
     return 0;
@@ -256,24 +253,32 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
 
     eplen = i2d_ECPrivateKey(&ec_key, NULL);
     if (!eplen) {
+        if (ptype == V_ASN1_SEQUENCE)
+            ASN1_STRING_free(pval);
         ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
         return 0;
     }
     ep = OPENSSL_malloc(eplen);
     if (ep == NULL) {
+        if (ptype == V_ASN1_SEQUENCE)
+            ASN1_STRING_free(pval);
         ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
         return 0;
     }
     p = ep;
     if (!i2d_ECPrivateKey(&ec_key, &p)) {
-        OPENSSL_free(ep);
+        OPENSSL_clear_free(ep, eplen);
+        if (ptype == V_ASN1_SEQUENCE)
+            ASN1_STRING_free(pval);
         ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
         return 0;
     }
 
     if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0,
                          ptype, pval, ep, eplen)) {
-        OPENSSL_free(ep);
+        OPENSSL_clear_free(ep, eplen);
+        if (ptype == V_ASN1_SEQUENCE)
+            ASN1_STRING_free(pval);
         return 0;
     }