Calling CMS_decrypt on the same CMS_ContentInfo instance as CMS_encrypt causes memory leak

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Calling CMS_decrypt on the same CMS_ContentInfo instance as CMS_encrypt causes memory leak

Andrei Hîrgău
Hi,

There seems to be an issue with CMS_decrypt. It seems that if we have
code like this:

CMS_ContentInfo* ci = CMS_encrypt(...);
CMS_decrypt(ci, ...);
CMS_ContentInfo_free(ci);

we leak the X509 certificate's public key. If the call to CMS_decrypt
is commented out, then no leak happens, as the key is freed by the
call to CMS_ContentInfo_free. I created this issue[1] with a concrete
example of this case.

Is the expectation here that if you call CMS_decrypt on the same
CMS_ContentInfo instance then you have to call EVP_PKEY_free on the
public key twice? Does anyone have any thoughts on this?

[1] https://github.com/openssl/openssl/issues/5052
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users