From: Matt Caswell Date: Fri, 1 May 2020 14:15:13 +0000 (+0100) Subject: Fix a memory leak in CONF .include handling X-Git-Tag: openssl-3.0.0-alpha2~73 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=15dd075f708c58bbbbd18f98608fecfcb97f693a;p=oweals%2Fopenssl.git Fix a memory leak in CONF .include handling If OPENSSL_CONF_INCLUDE has been set then we may leak the "include" buffer. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/11691) --- diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 9dbda10edf..6efe291ac8 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -420,6 +420,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) OPENSSL_strlcpy(include_path, include_dir, newlen); OPENSSL_strlcat(include_path, "/", newlen); OPENSSL_strlcat(include_path, include, newlen); + OPENSSL_free(include); } else { include_path = include; } @@ -429,15 +430,11 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) next = process_include(include_path, &dirctx, &dirpath); if (include_path != dirpath) { /* dirpath will contain include in case of a directory */ - OPENSSL_free(include); - if (include_path != include) - OPENSSL_free(include_path); + OPENSSL_free(include_path); } #else next = BIO_new_file(include_path, "r"); - OPENSSL_free(include); - if (include_path != include) - OPENSSL_free(include_path); + OPENSSL_free(include_path); #endif if (next != NULL) {