From 15dd075f708c58bbbbd18f98608fecfcb97f693a Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Fri, 1 May 2020 15:15:13 +0100 Subject: [PATCH] Fix a memory leak in CONF .include handling If OPENSSL_CONF_INCLUDE has been set then we may leak the "include" buffer. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/11691) --- crypto/conf/conf_def.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 9dbda10edf..6efe291ac8 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -420,6 +420,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) OPENSSL_strlcpy(include_path, include_dir, newlen); OPENSSL_strlcat(include_path, "/", newlen); OPENSSL_strlcat(include_path, include, newlen); + OPENSSL_free(include); } else { include_path = include; } @@ -429,15 +430,11 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) next = process_include(include_path, &dirctx, &dirpath); if (include_path != dirpath) { /* dirpath will contain include in case of a directory */ - OPENSSL_free(include); - if (include_path != include) - OPENSSL_free(include_path); + OPENSSL_free(include_path); } #else next = BIO_new_file(include_path, "r"); - OPENSSL_free(include); - if (include_path != include) - OPENSSL_free(include_path); + OPENSSL_free(include_path); #endif if (next != NULL) { -- 2.25.1