From: Mykola Baibuz Date: Tue, 15 Oct 2019 18:09:17 +0000 (+0300) Subject: Fix leaks in priv_encode_gost() X-Git-Tag: v3.0.0~263^2~1^2 X-Git-Url: http://wagner.pp.ru/gitweb/?a=commitdiff_plain;h=refs%2Fpull%2F182%2Fhead;p=openssl-gost%2Fengine.git Fix leaks in priv_encode_gost() --- diff --git a/gost_ameth.c b/gost_ameth.c index b73f918..22631c0 100644 --- a/gost_ameth.c +++ b/gost_ameth.c @@ -424,16 +424,12 @@ static int priv_decode_gost(EVP_PKEY *pk, static int priv_encode_gost(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk) { ASN1_OBJECT *algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk)); - ASN1_STRING *params = encode_gost_algor_params(pk); + ASN1_STRING *params = NULL; unsigned char *buf = NULL; int key_len = pkey_bits_gost(pk), i = 0; /* unmasked private key */ const char *pk_format = get_gost_engine_param(GOST_PARAM_PK_FORMAT); - if (!params) { - return 0; - } - key_len = (key_len < 0) ? 0 : key_len / 8; if (key_len == 0 || !(buf = OPENSSL_malloc(key_len))) { return 0; @@ -444,6 +440,12 @@ static int priv_encode_gost(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk) return 0; } + params = encode_gost_algor_params(pk); + if (!params) { + OPENSSL_free(buf); + return 0; + } + /* Convert buf to Little-endian */ for (i = 0; i < key_len / 2; i++) { unsigned char tmp = buf[i]; @@ -455,9 +457,13 @@ static int priv_encode_gost(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk) ASN1_STRING *octet = NULL; int priv_len = 0; unsigned char *priv_buf = NULL; - - octet = ASN1_STRING_new(); - ASN1_OCTET_STRING_set(octet, buf, key_len); + octet = ASN1_STRING_new(); + if (!octet || !ASN1_OCTET_STRING_set(octet, buf, key_len)) { + ASN1_STRING_free(octet); + ASN1_STRING_free(params); + OPENSSL_free(buf); + return 0; + } priv_len = i2d_ASN1_OCTET_STRING(octet, &priv_buf); ASN1_STRING_free(octet); OPENSSL_free(buf);