fix potential memory leak in PKCS12_add_key_ex()

function must make sure memorry allocated for `p8` gets freed in error path. Issue reported by LuMingYinDetect Fixes openssl#24453 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from openssl#24456)
bernd-edlinger · Jun 21, 2024 · adccf9b · adccf9b
1 parent cfa21ff
commit adccf9b
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/crypto/pkcs12/p12_crt.c b/crypto/pkcs12/p12_crt.c
@@ -186,8 +186,11 @@ PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
         bag = PKCS12_SAFEBAG_create_pkcs8_encrypt(nid_key, pass, -1, NULL, 0,
                                                   iter, p8);
         PKCS8_PRIV_KEY_INFO_free(p8);
-    } else
+    } else {
         bag = PKCS12_SAFEBAG_create0_p8inf(p8);
+        if (!bag)
+            PKCS8_PRIV_KEY_INFO_free(p8);
+    }
 
     if (!bag)
         goto err;