1berry/ruby
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[ruby/openssl] pkey: fix potential memory leak in PKey#sign

Browse Source 
Fix potential leak of EVP_MD_CTX object in an error path. This path is
normally unreachable, since the size of a signature generated by any
supported algorithms would not be larger than LONG_MAX.

https://github.com/ruby/openssl/commit/99e8630518
This commit is contained in:
Kazuki Yamaguchi 2020-06-12 14:12:59 +09:00
parent b7a908af34
commit 1706302be5
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ext/openssl/ossl_pkey.c
View File

@ -815,8 +815,10 @@ ossl_pkey_sign(VALUE self, VALUE digest, VALUE data)
EVP_MD_CTX_free(ctx); EVP_MD_CTX_free(ctx);
ossl_raise(ePKeyError, "EVP_DigestSign"); ossl_raise(ePKeyError, "EVP_DigestSign");
} }
if (siglen > LONG_MAX) if (siglen > LONG_MAX) {
EVP_MD_CTX_free(ctx);
rb_raise(ePKeyError, "signature would be too large"); rb_raise(ePKeyError, "signature would be too large");
}
sig = ossl_str_new(NULL, (long)siglen, &state); sig = ossl_str_new(NULL, (long)siglen, &state);
if (state) { if (state) {
EVP_MD_CTX_free(ctx); EVP_MD_CTX_free(ctx);
@ -837,8 +839,10 @@ ossl_pkey_sign(VALUE self, VALUE digest, VALUE data)
EVP_MD_CTX_free(ctx); EVP_MD_CTX_free(ctx);
ossl_raise(ePKeyError, "EVP_DigestSignFinal"); ossl_raise(ePKeyError, "EVP_DigestSignFinal");
} }
if (siglen > LONG_MAX) if (siglen > LONG_MAX) {
EVP_MD_CTX_free(ctx);
rb_raise(ePKeyError, "signature would be too large"); rb_raise(ePKeyError, "signature would be too large");
}
sig = ossl_str_new(NULL, (long)siglen, &state); sig = ossl_str_new(NULL, (long)siglen, &state);
if (state) { if (state) {
EVP_MD_CTX_free(ctx); EVP_MD_CTX_free(ctx);