Commit 5e8129f2 authored by Matt Caswell's avatar Matt Caswell
Browse files

Don't leak an ASN1_OCTET_STRING on error in rsa_cms_encrypt 



The rsa_cms_encrypt() function allocates an ASN1_OCTET_STRING but can
then fail to free it in an error condition.

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
parent d54ac5c4

crypto/rsa/rsa_ameth.c

+2 −1
Original line number Diff line number Diff line
@@ -849,10 +849,11 @@ static int rsa_cms_encrypt(CMS_RecipientInfo *ri) 
    if (!rsa_md_to_mgf1(&oaep->maskGenFunc, mgf1md))

        goto err;

    if (labellen > 0) {

        ASN1_OCTET_STRING *los = ASN1_OCTET_STRING_new();

        ASN1_OCTET_STRING *los;

        oaep->pSourceFunc = X509_ALGOR_new();

        if (oaep->pSourceFunc == NULL)

            goto err;

        los = ASN1_OCTET_STRING_new();

        if (los == NULL)

            goto err;

        if (!ASN1_OCTET_STRING_set(los, label, labellen)) {