From: Matt Caswell <matt@openssl.org>
Date: Thu, 28 Apr 2016 18:49:17 +0000 (+0100)
Subject: Fix a leak in i2b_PVK
X-Git-Tag: OpenSSL_1_1_0-pre6~1011
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=098c1e3d1425ffdad15e6001b4fc9f2a606f3d83;p=oweals%2Fopenssl.git

Fix a leak in i2b_PVK

Commit 8e588e28 fixed a leak but introduced a new one.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
---

diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index e7ee6ddf9c..dc9008809b 100644
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -806,7 +806,7 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
                    pem_password_cb *cb, void *u)
 {
     int outlen = 24, pklen;
-    unsigned char *p, *salt = NULL;
+    unsigned char *p = NULL, *salt = NULL;
     EVP_CIPHER_CTX *cctx = NULL;
     if (enclevel)
         outlen += PVK_SALTLEN;
@@ -828,7 +828,7 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
 
     cctx = EVP_CIPHER_CTX_new();
     if (cctx == NULL)
-        return -1;
+        goto error;
 
     write_ledword(&p, MS_PVKMAGIC);
     write_ledword(&p, 0);
@@ -882,6 +882,8 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
 
  error:
     EVP_CIPHER_CTX_free(cctx);
+    if (*out == NULL)
+        OPENSSL_free(p);
     return -1;
 }