Plug a leak in ASN1_item_i2d()

ASN1_item_ex_i2d() does not take ownership of the memory pointed at by *out, so it's the caller's responsibility to free it on error. Change-Id: Id8cb70e50f280944418629a32b53fd4ca248b0bd Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/57805 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com>
author: Theo Buehler <theorbuehler@gmail.com> 2023-03-05 23:41:50 +0100
committer: Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> 2023-03-05 23:28:31 +0000
commit: 3a7dfdb984434a4b4beef947b2e49602c557c0de (patch)
tree: acd42d60e1fd6c1e7909a2342d066f9a28c7f2d4 /crypto/asn1
parent: 93e8d4463d59d671e9c5c6171226341f04b07907 (diff)
download: boringssl-3a7dfdb984434a4b4beef947b2e49602c557c0de.zip
boringssl-3a7dfdb984434a4b4beef947b2e49602c557c0de.tar.gz
boringssl-3a7dfdb984434a4b4beef947b2e49602c557c0de.tar.bz2
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c
index 9d4d587..ca3b3fc 100644
--- a/crypto/asn1/tasn_enc.c
+++ b/crypto/asn1/tasn_enc.c
@@ -97,6 +97,7 @@ int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it) {
     p = buf;
     int len2 = ASN1_item_ex_i2d(&val, &p, it, /*tag=*/-1, /*aclass=*/0);
     if (len2 <= 0) {
+      OPENSSL_free(buf);
       return len2;
     }
     assert(len == len2);
author	Theo Buehler <theorbuehler@gmail.com>	2023-03-05 23:41:50 +0100
committer	Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>	2023-03-05 23:28:31 +0000
commit	3a7dfdb984434a4b4beef947b2e49602c557c0de (patch)
tree	acd42d60e1fd6c1e7909a2342d066f9a28c7f2d4 /crypto/asn1
parent	93e8d4463d59d671e9c5c6171226341f04b07907 (diff)
download	boringssl-3a7dfdb984434a4b4beef947b2e49602c557c0de.zip boringssl-3a7dfdb984434a4b4beef947b2e49602c557c0de.tar.gz boringssl-3a7dfdb984434a4b4beef947b2e49602c557c0de.tar.bz2