Hello folks, There seems to be a (potential) memory leak in PEM_bytes_read_bio() (at least 0.9.7 (-b3 ? )
if the decrypt of the data fails, the "name" leaks...
(sorry could not check if it is allready fixed,
am not able to access www.openssl.org)
Bye
Goetz
Index: pem_lib.c
===================================================================
RCS file: /usr/cvsroot/openssl/crypto/pem/pem_lib.c,v
retrieving revision 1.10
diff -u -r1.10 pem_lib.c
--- pem_lib.c 2002/05/30 10:54:20 1.10
+++ pem_lib.c 2002/10/29 16:19:07
@@ -251,7 +251,7 @@
ret = 1;
err:
- if (!pnm) OPENSSL_free(nm);
+ if (!pnm || !ret) OPENSSL_free(nm);
OPENSSL_free(header);
if (!ret) OPENSSL_free(data);
return ret;
(beware: the CVS versions are from our local repository...)
--
Goetz Babin-Ebell, TC TrustCenter AG, http://www.trustcenter.de
Sonninstr. 24-28, 20097 Hamburg, Germany
Tel.: +49-(0)40 80 80 26 -0, Fax: +49-(0)40 80 80 26 -126
smime.p7s
Description: S/MIME Cryptographic Signature
