openssl: Fix memory leak in read_rsa_bignums().
authorAndre Noll <maan@tuebingen.mpg.de>
Wed, 29 Aug 2018 10:14:38 +0000 (12:14 +0200)
committerAndre Noll <maan@tuebingen.mpg.de>
Wed, 29 Aug 2018 13:46:24 +0000 (15:46 +0200)
If an error occurs while reading the second bignum we leak the memory
allocated for the first bignum.

openssl.c

index 7d5bb25..4895e17 100644 (file)
--- a/openssl.c
+++ b/openssl.c
@@ -124,11 +124,11 @@ static int read_rsa_bignums(const unsigned char *blob, int blen, RSA **result)
                return -E_BIGNUM;
        ret = read_bignum(p, end - p, &e);
        if (ret < 0)
-               goto fail;
+               goto free_rsa;
        p += ret;
        ret = read_bignum(p, end - p, &n);
        if (ret < 0)
-               goto fail;
+               goto free_e;
 #ifdef HAVE_RSA_SET0_KEY
        RSA_set0_key(rsa, n, e, NULL);
 #else
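Review bot: The return value of `RSA_set0_key(rsa, n, e, NULL)` is ignored on the success path, so a failure there would leak both bignums (ownership only moves on success) and hand the caller a key with no modulus or exponent through `*result`. With a freshly allocated `rsa` and two bignums that `read_bignum()` presumably leaves non-NULL on success, the call should not fail in practice, but a check keeps the new cleanup chain complete: `if (RSA_set0_key(rsa, n, e, NULL) != 1) { ret = -E_BIGNUM; BN_free(n); goto free_e; }`. The function starts before this hunk and the `#else` branch is not visible, so the same question may apply to the pre-1.1 path.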
@@ -137,7 +137,9 @@ static int read_rsa_bignums(const unsigned char *blob, int blen, RSA **result)
 #endif
        *result = rsa;
        return 1;
-fail:
+free_e:
+       BN_free(e);
+free_rsa:
        RSA_free(rsa);
        return ret;
 }
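Review bot: The `free_e:` label is only safe to reach before ownership of `e` moves into `rsa`, and nothing in the code says so. A later `goto free_e` placed after `RSA_set0_key()` (or after the assignment in the `#else` branch, which is not visible here) would free `e` twice, once through `BN_free(e)` and once through `RSA_free(rsa)`. I would add a comment above the label such as `/* only reached before rsa takes ownership of e and n */`. The success path returns before the labels, so the current control flow is fine.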