On Tue, Nov 08, 2022 at 01:01:17PM +0100, Tobias Heider wrote: > If EVP_PKEY_set1_RSA() returns 0 we seem to leak pk here. > > ok? > > Index: rsa/rsa_prn.c > =================================================================== > RCS file: /cvs/src/lib/libcrypto/rsa/rsa_prn.c,v > retrieving revision 1.7 > diff -u -p -r1.7 rsa_prn.c > --- rsa/rsa_prn.c 29 Jan 2017 17:49:23 -0000 1.7 > +++ rsa/rsa_prn.c 8 Nov 2022 11:59:28 -0000 > @@ -85,8 +85,10 @@ RSA_print(BIO *bp, const RSA *x, int off > int ret; > > pk = EVP_PKEY_new(); > - if (!pk || !EVP_PKEY_set1_RSA(pk, (RSA *)x)) > + if (!pk || !EVP_PKEY_set1_RSA(pk, (RSA *)x)) { > + EVP_PKEY_free(pk); > return 0; > + }
I'd rewrite this as: if ((pk = EVP_PKEY_new()) == NULL) goto out; if (!EVP_PKEY_set1_RSA(pk, (RSA *)x)) goto out; > ret = EVP_PKEY_print_private(bp, pk, off, NULL); out: > EVP_PKEY_free(pk); > return ret; >
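Review bot: the context line "int ret;" in RSA_print() has no initializer, so with the shared "out:" label proposed in the reply both "goto out" paths would return an indeterminate value on failure; the declaration needs to become "int ret = 0;" for that shape to be correct. In the hunk as posted, EVP_PKEY_free(pk) is also reached when pk is NULL (the "!pk" half of the condition), which relies on EVP_PKEY_free() accepting NULL, the same assumption the "out:" rewrite makes; splitting the two checks as suggested makes that reliance easier to see.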