Hi all,
there seems to be a potential memory leak in file rsa_oaep.c in function
RSA_padding_add_PKCS1_OAEP in lines
if (RAND_bytes(seed, SHA_DIGEST_LENGTH) <= 0)
return 0;
Some lines before there is a memory allocation
dbmask = OPENSSL_malloc(emlen - SHA_DIGEST_LENGTH);
and dbmask should be freed before the return.
Please correct if I am right.
Best regards
Martin Gerbershagen
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
