plug memory leak in ASN1_item_digest

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

plug memory leak in ASN1_item_digest

Theo Buehler-5
If EVP_Digest() fails, str is leaked.

This is part of the combo-diff 83b4049ab75e9da1815e9c854a9297bca3d4af6b
some more of which may also apply to us, but I'm still disentangling it.
See also https://github.com/openssl/openssl/issues/2111

Index: lib/libcrypto/asn1/a_digest.c
===================================================================
RCS file: /var/cvs/src/lib/libcrypto/asn1/a_digest.c,v
retrieving revision 1.15
diff -u -p -r1.15 a_digest.c
--- lib/libcrypto/asn1/a_digest.c 11 Jul 2014 08:44:47 -0000 1.15
+++ lib/libcrypto/asn1/a_digest.c 5 Apr 2018 16:46:22 -0000
@@ -77,8 +77,11 @@ ASN1_item_digest(const ASN1_ITEM *it, co
  if (!str)
  return (0);
 
- if (!EVP_Digest(str, i, md, len, type, NULL))
- return 0;
+ if (!EVP_Digest(str, i, md, len, type, NULL)) {
+ free(str);
+ return (0);
+ }
+
  free(str);
  return (1);
 }

Reply | Threaded
Open this post in threaded view
|

Re: plug memory leak in ASN1_item_digest

Brent Cook
ok bcook@

On Thu, Apr 5, 2018 at 12:06 PM, Theo Buehler <[hidden email]> wrote:

> If EVP_Digest() fails, str is leaked.
>
> This is part of the combo-diff 83b4049ab75e9da1815e9c854a9297bca3d4af6b
> some more of which may also apply to us, but I'm still disentangling it.
> See also https://github.com/openssl/openssl/issues/2111
>
> Index: lib/libcrypto/asn1/a_digest.c
> ===================================================================
> RCS file: /var/cvs/src/lib/libcrypto/asn1/a_digest.c,v
> retrieving revision 1.15
> diff -u -p -r1.15 a_digest.c
> --- lib/libcrypto/asn1/a_digest.c       11 Jul 2014 08:44:47 -0000
> 1.15
> +++ lib/libcrypto/asn1/a_digest.c       5 Apr 2018 16:46:22 -0000
> @@ -77,8 +77,11 @@ ASN1_item_digest(const ASN1_ITEM *it, co
>         if (!str)
>                 return (0);
>
> -       if (!EVP_Digest(str, i, md, len, type, NULL))
> -               return 0;
> +       if (!EVP_Digest(str, i, md, len, type, NULL)) {
> +               free(str);
> +               return (0);
> +       }
> +
>         free(str);
>         return (1);
>  }
>
>