QuasarApp/openssl
4
0
Fork 0
mirror of https://github.com/QuasarApp/openssl.git synced 2025-04-30 03:34:39 +00:00
Code Issues Projects Releases Wiki Activity

X509_PUBKEY_set(): Fix memory leak

Browse Source 
With the provided method of creating the new X509_PUBKEY, an extra
EVP_PKEY is created and needs to be properly cleaned away.

(note: we could choose to keep it just as well, but there are
consequences, explained in a comment in the code)

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11038)
This commit is contained in:
Richard Levitte 2020-02-07 09:13:21 +01:00
parent 29f178bddf
commit a076951b71
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
crypto/x509/x_pubkey.c
View File

@ -111,6 +111,22 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
goto error; goto error;
} }
*x = pk; *x = pk;
/*
* pk->pkey is NULL when using the legacy routine, but is non-NULL when
* going through the serializer, and for all intents and purposes, it's
* a perfect copy of |pkey|, just not the same instance. In that case,
* we could simply return early, right here.
* However, in the interest of being cautious leaning on paranoia, some
* application might very well depend on the passed |pkey| being used
* and none other, so we spend a few more cycles throwing away the newly
* created |pk->pkey| and replace it with |pkey|.
* TODO(3.0) Investigate if it's safe to change to simply return here
* if |pk->pkey != NULL|.
*/
if (pk->pkey != NULL)
EVP_PKEY_free(pk->pkey);
pk->pkey = pkey; pk->pkey = pkey;
return 1; return 1;