Skip to content

Commit

Permalink
Fix memleak in rsa_cms_decrypt
Browse files Browse the repository at this point in the history 
If a call to EVP_PKEY_CTX_set_rsa_mgf1_md() fails then the caller
needs to free the label.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from #20319)

(cherry picked from commit d32dd65)
  • Loading branch information
@slontis @t8m
slontis authored and t8m committed Dec 29, 2023
1 parent aa50768 commit 7e3f84b
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion crypto/cms/cms_rsa.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,8 +99,10 @@ static int rsa_cms_decrypt(CMS_RecipientInfo *ri)
if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0)
goto err;
if (label != NULL
&& EVP_PKEY_CTX_set0_rsa_oaep_label(pkctx, label, labellen) <= 0)
&& EVP_PKEY_CTX_set0_rsa_oaep_label(pkctx, label, labellen) <= 0) {
OPENSSL_free(label);
goto err;
}
/* Carry on */
rv = 1;

Expand Down

0 comments on commit 7e3f84b

Please sign in to comment.