Skip to content

Commit

Permalink
Fix a possible memory leak in req_main
Browse files Browse the repository at this point in the history
if the private key is output to stdout using the HARNESS_OSSL_PREFIX,
out is a stack of BIOs and must therefore free'd using BIO_free_all.

Steps to reproduce:

$ HARNESS_OSSL_PREFIX=x OPENSSL_CONF=apps/openssl.cnf util/shlib_wrap.sh apps/openssl req -new -keyout - -passout pass: </dev/null
[...]
Direct leak of 128 byte(s) in 1 object(s) allocated from:
    #0 0x7f6f692b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7f6f686eda00 in CRYPTO_malloc crypto/mem.c:202
    #2 0x7f6f686edba0 in CRYPTO_zalloc crypto/mem.c:222
    #3 0x7f6f68471bdf in BIO_new_ex crypto/bio/bio_lib.c:83
    #4 0x7f6f68491a8f in BIO_new_fp crypto/bio/bss_file.c:95
    #5 0x555c5f58b378 in dup_bio_out apps/lib/apps.c:3014
    #6 0x555c5f58f9ac in bio_open_default_ apps/lib/apps.c:3175
    #7 0x555c5f58f9ac in bio_open_default apps/lib/apps.c:3203
    #8 0x555c5f528537 in req_main apps/req.c:683
    #9 0x555c5f50e315 in do_cmd apps/openssl.c:426
    #10 0x555c5f4c5575 in main apps/openssl.c:307
    #11 0x7f6f680461c9 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: 128 byte(s) leaked in 1 allocation(s).

Reviewed-by: Tom Cosgrove <[email protected]>
Reviewed-by: Tomas Mraz <[email protected]>
(Merged from openssl/openssl#23365)

(cherry picked from commit ff78d94)
  • Loading branch information
bernd-edlinger authored and t8m committed Jan 24, 2024
1 parent d39776d commit 9601413
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion apps/req.c
Original file line number Diff line number Diff line change
Expand Up @@ -733,7 +733,7 @@ int req_main(int argc, char **argv)
}
goto end;
}
BIO_free(out);
BIO_free_all(out);
out = NULL;
BIO_printf(bio_err, "-----\n");
}
Expand Down

0 comments on commit 9601413

Please sign in to comment.