mirror of
https://github.com/openssl/openssl.git
synced 2024-12-25 18:03:35 +08:00
Don't leak memory on error in i2b_PVK
The i2b_PVK function leaked a number of different memory allocations on error paths (and even some non-error paths). Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
parent
204cf9406e
commit
8e588e2812
@ -807,26 +807,29 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
|
||||
{
|
||||
int outlen = 24, pklen;
|
||||
unsigned char *p, *salt = NULL;
|
||||
EVP_CIPHER_CTX *cctx = EVP_CIPHER_CTX_new();
|
||||
EVP_CIPHER_CTX *cctx = NULL;
|
||||
if (enclevel)
|
||||
outlen += PVK_SALTLEN;
|
||||
pklen = do_i2b(NULL, pk, 0);
|
||||
if (pklen < 0)
|
||||
return -1;
|
||||
outlen += pklen;
|
||||
if (!out)
|
||||
if (out == NULL)
|
||||
return outlen;
|
||||
if (*out)
|
||||
if (*out != NULL) {
|
||||
p = *out;
|
||||
else {
|
||||
} else {
|
||||
p = OPENSSL_malloc(outlen);
|
||||
if (p == NULL) {
|
||||
PEMerr(PEM_F_I2B_PVK, ERR_R_MALLOC_FAILURE);
|
||||
return -1;
|
||||
}
|
||||
*out = p;
|
||||
}
|
||||
|
||||
cctx = EVP_CIPHER_CTX_new();
|
||||
if (cctx == NULL)
|
||||
return -1;
|
||||
|
||||
write_ledword(&p, MS_PVKMAGIC);
|
||||
write_ledword(&p, 0);
|
||||
if (EVP_PKEY_id(pk) == EVP_PKEY_DSA)
|
||||
@ -843,9 +846,7 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
|
||||
p += PVK_SALTLEN;
|
||||
}
|
||||
do_i2b(&p, pk, 0);
|
||||
if (enclevel == 0)
|
||||
return outlen;
|
||||
else {
|
||||
if (enclevel != 0) {
|
||||
char psbuf[PEM_BUFSIZE];
|
||||
unsigned char keybuf[20];
|
||||
int enctmplen, inlen;
|
||||
@ -871,7 +872,12 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
|
||||
if (!EVP_DecryptFinal_ex(cctx, p + enctmplen, &enctmplen))
|
||||
goto error;
|
||||
}
|
||||
|
||||
EVP_CIPHER_CTX_free(cctx);
|
||||
|
||||
if (*out == NULL)
|
||||
*out = p;
|
||||
|
||||
return outlen;
|
||||
|
||||
error:
|
||||
|
Loading…
Reference in New Issue
Block a user