ok bcook@

On Thu, Apr 5, 2018 at 12:06 PM, Theo Buehler <t...@openbsd.org> wrote:

> If EVP_Digest() fails, str is leaked.
>
> This is part of the combo-diff 83b4049ab75e9da1815e9c854a9297bca3d4af6b
> some more of which may also apply to us, but I'm still disentangling it.
> See also https://github.com/openssl/openssl/issues/2111
>
> Index: lib/libcrypto/asn1/a_digest.c
> ===================================================================
> RCS file: /var/cvs/src/lib/libcrypto/asn1/a_digest.c,v
> retrieving revision 1.15
> diff -u -p -r1.15 a_digest.c
> --- lib/libcrypto/asn1/a_digest.c       11 Jul 2014 08:44:47 -0000
> 1.15
> +++ lib/libcrypto/asn1/a_digest.c       5 Apr 2018 16:46:22 -0000
> @@ -77,8 +77,11 @@ ASN1_item_digest(const ASN1_ITEM *it, co
>         if (!str)
>                 return (0);
>
> -       if (!EVP_Digest(str, i, md, len, type, NULL))
> -               return 0;
> +       if (!EVP_Digest(str, i, md, len, type, NULL)) {
> +               free(str);
> +               return (0);
> +       }
> +
>         free(str);
>         return (1);
>  }
>
>

Reply via email to