Fixes #20145: free memory of certStatus before goto err #20406
Conversation
openssl-machine
added
the
hold: cla required
| @@ -817,8 +817,13 @@ OSSL_CMP_MSG *ossl_cmp_certConf_new(OSSL_CMP_CTX *ctx, int fail_info, | |||
| if ((certStatus = OSSL_CMP_CERTSTATUS_new()) == NULL) | |||
| goto err; | |||
| /* consume certStatus into msg right away so it gets deallocated with msg */ | |||
| if (!sk_OSSL_CMP_CERTSTATUS_push(msg->body->value.certConf, certStatus)) | |||
| if (sk_OSSL_CMP_CERTSTATUS_push(msg->body->value.certConf, certStatus) < 1) { | |||
There was a problem hiding this comment.
@DDvO What frees this stack in the normal case when this passes?
There was a problem hiding this comment.
As usual with ASN.1 structures, on success ownership of field contents is passed to the containing structure, so the (stack of) OSSL_CMP_CERTSTATUS will be freed along with the msg containing it.
I even tried to make this (rather) explicit here by the comment above.
|
Can we assert CLA: trivial, |
DDvO
added
branch: master
|
As these fixes should be done for all versions since 3.0, I added the respective labels. |
github-actions
bot
added
the
severity: fips change
|
Can somebody explain to me why suddenly
? So far I had assumed that this label has to do mainly with API (public header file) changes. |
Maybe the script is confused by the merge commits in this PR??? |
github-actions
bot
removed
the
severity: fips change
Good hint - with the but-last push, which did not actually change the actual PR contents |
DDvO
removed
the
approval: review pending
|
Please drop the merge commits by |
|
I would be OK with CLA: trivial for this. |
|
In one of the CI runs, unix-macos11-m1, one of the test cases in |
Do we need more people to agree here, or who is entitled to remove the hold: cla required? |
t8m
added
approval: done
All reviewers and the author must agree that a contribution is trivial and then a committer is allowed to lift it. |
|
@mhjd do you agree that the contribution is simple enough for not having to submit a CLA? |
I agree, it's trivial, no need to submit a CLA 👌 |
@mhjd Could you please use |
|
24 hours has passed since 'approval: done' was set, but as this PR has been updated in that time the label 'approval: ready to merge' is not being automatically set. Please review the updates and set the label manually. |
I wait the help of my professor, I have some problem with git rebase because it drop too many commits. Nevertheless I plan to retry when I have time, tomorrow or Saturday. |
paulidale
added
approval: ready to merge
|
I doubt this PR can really be merged in the current state, given the merge commits included. |
|
Sorry for the delay, I intend to try to solve it today. (There's been a strike problem for the last few weeks so I can't ask my teacher for help). |
|
We can resolve the problem when merging. |
CLA: trivial Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #20406)
|
Merged to master, 3.1, and 3.0 branches after squashing the commits. Thank you for your contribution. |
I have fix the issue #20145 with freeing memory of certStatus and changed the condition as asked in the issue.
I changed :
Into :