openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

Fix a possible memory leak in SM2 provider 

ctx->propq that strdup from input parameter propq in sm2sig_newctx,
is not released. It should be released in sm2sig_freectx and copied
to dstctx in sm2sig_dupctx. And dstctx->id and dstctx->propq should
be set NULL to avoid releasing id/propq of srcctx when err occurs.

Signed-off-by: Huiyue Xu <xuhuiyue@huawei.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22796)
This commit is contained in:
Huiyue Xu 2023-11-22 09:55:27 +08:00 committed by Hugo Landau
parent 7fa47fe5b9
commit e7d34d7ae3
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
providers/implementations/signature/sm2_sig.c
View File

@ -329,6 +329,7 @@ static void sm2sig_freectx(void *vpsm2ctx)
free_md(ctx);
EC_KEY_free(ctx->ec);
OPENSSL_free(ctx->propq);
OPENSSL_free(ctx->id);
OPENSSL_free(ctx);
}
@ -344,13 +345,21 @@ static void *sm2sig_dupctx(void *vpsm2ctx)
*dstctx = *srcctx;
dstctx->ec = NULL;
dstctx->propq = NULL;
dstctx->md = NULL;
dstctx->mdctx = NULL;
dstctx->id = NULL;
if (srcctx->ec != NULL && !EC_KEY_up_ref(srcctx->ec))
goto err;
dstctx->ec = srcctx->ec;
if (srcctx->propq != NULL) {
dstctx->propq = OPENSSL_strdup(srcctx->propq);
if (dstctx->propq == NULL)
goto err;
}
if (srcctx->md != NULL && !EVP_MD_up_ref(srcctx->md))
goto err;
dstctx->md = srcctx->md;