From 3bfab15f4911dc67524896cb70d97b72c71ff0a0 Mon Sep 17 00:00:00 2001 From: Theo Buehler Date: Fri, 10 Mar 2023 11:55:39 +0000 Subject: ASN.1 BIO: properly wire up prefix_free and suffix_free If something goes wrong before the ASN.1 BIO state machine has passed both flushing states, asn1_bio_free() forgets to free the ndef_aux and the ex_arg since the prefix_free() and suffix_free callbacks are not called. This can lead to leaks, notably in streaming bios. Part of https://github.com/openssl/openssl/pull/15999 I have a regress covering this but it is not yet ready to land. ok beck jsing --- lib/libcrypto/asn1/bio_asn1.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/libcrypto/asn1/bio_asn1.c b/lib/libcrypto/asn1/bio_asn1.c index 05bc1f7ad38..21f33ecfc90 100644 --- a/lib/libcrypto/asn1/bio_asn1.c +++ b/lib/libcrypto/asn1/bio_asn1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bio_asn1.c,v 1.18 2023/03/04 11:58:29 tb Exp $ */ +/* $OpenBSD: bio_asn1.c,v 1.19 2023/03/10 11:55:38 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -177,6 +177,12 @@ asn1_bio_free(BIO *b) ctx = (BIO_ASN1_BUF_CTX *) b->ptr; if (ctx == NULL) return 0; + + if (ctx->prefix_free != NULL) + ctx->prefix_free(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg); + if (ctx->suffix_free != NULL) + ctx->suffix_free(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg); + free(ctx->buf); free(ctx); b->init = 0; -- cgit v1.2.3