This is a discussion on [openssl.org #1542] others quick patches for memory leaks in pk7_smime.c and pk7_mime.c - Openssl ; Hi, I suggest some quick patches (memory leaks): All OS. All openssl versions. 1) in pk7_smime.c: 255a256 > sk_X509_free(signers); New code: tmpin =3D BIO_new_mem_buf(ptr, len); if (tmpin =3D=3D NULL) { =09 PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_MALLOC_FAILURE ); sk_X509_free(signers); return 0; } 2) in pk7_mime.c: ...
Hi,
I suggest some quick patches (memory leaks):
All OS.
All openssl versions.
1) in pk7_smime.c:
255a256
> sk_X509_free(signers);
New code:
tmpin =3D BIO_new_mem_buf(ptr, len);
if (tmpin =3D=3D NULL)
{
=09
PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_MALLOC_FAILURE );
sk_X509_free(signers);
return 0;
}
2) in pk7_mime.c:
653c653,657
< if(!mhdr) return NULL;
---
> if(!mhdr) {
> if(tmpname) OPENSSL_free(tmpname);
> if(tmpval) OPENSSL_free(tmpval);
> return NULL;
> }
656c660,663
< if(!(mhdr->params =3D sk_MIME_PARAM_new(mime_param_cmp))) return
NULL;
---
> if(!(mhdr->params =3D sk_MIME_PARAM_new(mime_param_cmp))) {
> mime_hdr_free(mhdr); =20
> return NULL;
> }
Line 678:
< if(!tmpval) return 0;
-----
> if(!tmpval) {=20
> if(tmpname) OPENSSL_free(tmpname); =20
> return 0;=20
> }
Line 682:
< if(!mparam) return 0;
-----
> if(!mparam) {=20
> if(tmpname) OPENSSL_free(tmpname); =20
> if(tmpval) OPENSSL_free(tmpval);=20
> return 0;=20
> }
Thanks
Eric
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org
