projects / oweals / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b84460a)
mem leak on error path and error propagation fix
authorYuchi <yt8mn@virginia.edu>
Mon, 6 Feb 2017 00:33:47 +0000 (19:33 -0500)
committerMatt Caswell <matt@openssl.org>
Tue, 14 Feb 2017 10:19:50 +0000 (10:19 +0000)
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2559)

apps/ts.c patch | blob | history
crypto/ec/ec_ameth.c patch | blob | history
ssl/ssl_ciph.c patch | blob | history

diff --git a/apps/ts.c b/apps/ts.c
index 6c0adb1423430e2c11eb2e51496b010055f440ea..0db6b509f8dd0b31d15760cf4b5e0dab97912ff5 100644 (file)
--- a/apps/ts.c
+++ b/apps/ts.c
@@ -887,9 +887,15 @@ static TS_VERIFY_CTX *create_verify_ctx(const char *data, const char *digest,
             goto err;
         f = TS_VFY_VERSION | TS_VFY_SIGNER;
         if (data != NULL) {
+            BIO *out = NULL;
+
             f |= TS_VFY_DATA;
-            if (TS_VERIFY_CTX_set_data(ctx, BIO_new_file(data, "rb")) == NULL)
+            if ((out = BIO_new_file(data, "rb")) == NULL)
+                goto err;
+            if (TS_VERIFY_CTX_set_data(ctx, out) == NULL) {
+                BIO_free_all(out);
                 goto err;
+            }
         } else if (digest != NULL) {
             long imprint_len;
             unsigned char *hexstr = OPENSSL_hexstr2buf(digest, &imprint_len);
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index 66437e0da5755be92022acd51211ef0b2bf3bb4a..fa5bd0318ca70b348e71171f402ffb8b63bd9137 100644 (file)
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -254,8 +254,10 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
     }
 
     if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0,
-                         ptype, pval, ep, eplen))
+                         ptype, pval, ep, eplen)) {
+        OPENSSL_free(ep);
         return 0;
+    }
 
     return 1;
 }
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index d28b53df924984588116bf4d792e86ea91e8fccd..93da3dc19c96c5a60921247e0c868fc627bad2fd 100644 (file)
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1838,7 +1838,7 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
     if (id < 193 || id > 255) {
         SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,
                SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE);
-        return 0;
+        return 1;
     }
 
     CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
Unnamed repository; edit this file 'description' to name the repository.