pkey: fix potential memory leak in PKey#sign

Fix potential leak of EVP_MD_CTX object in an error path. This path is normally unreachable, since the size of a signature generated by any supported algorithms would not be larger than LONG_MAX.
author: Kazuki Yamaguchi <k@rhe.jp> 2020-06-12 14:12:59 +0900
committer: Kazuki Yamaguchi <k@rhe.jp> 2021-04-04 23:40:11 +0900
commit: 99e863051851852411920047c7803b425564426a (patch)
tree: 94a1712a348a0e9d09554220698f8f769f47c1c7
parent: 11801ad6b12895329e00220599fba100746a9137 (diff)
download: ruby-openssl-99e863051851852411920047c7803b425564426a.tar.gz
1 files changed, 6 insertions, 2 deletions
diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c
index 1c1f80bf..d3c65a4b 100644
--- a/ext/openssl/ossl_pkey.c
+++ b/ext/openssl/ossl_pkey.c
@@ -815,8 +815,10 @@ ossl_pkey_sign(VALUE self, VALUE digest, VALUE data)
         EVP_MD_CTX_free(ctx);
         ossl_raise(ePKeyError, "EVP_DigestSign");
     }
-    if (siglen > LONG_MAX)
+    if (siglen > LONG_MAX) {
+        EVP_MD_CTX_free(ctx);
         rb_raise(ePKeyError, "signature would be too large");
+    }
     sig = ossl_str_new(NULL, (long)siglen, &state);
     if (state) {
         EVP_MD_CTX_free(ctx);
@@ -837,8 +839,10 @@ ossl_pkey_sign(VALUE self, VALUE digest, VALUE data)
         EVP_MD_CTX_free(ctx);
         ossl_raise(ePKeyError, "EVP_DigestSignFinal");
     }
-    if (siglen > LONG_MAX)
+    if (siglen > LONG_MAX) {
+        EVP_MD_CTX_free(ctx);
         rb_raise(ePKeyError, "signature would be too large");
+    }
     sig = ossl_str_new(NULL, (long)siglen, &state);
     if (state) {
         EVP_MD_CTX_free(ctx);
author	Kazuki Yamaguchi <k@rhe.jp>	2020-06-12 14:12:59 +0900
committer	Kazuki Yamaguchi <k@rhe.jp>	2021-04-04 23:40:11 +0900
commit	99e863051851852411920047c7803b425564426a (patch)
tree	94a1712a348a0e9d09554220698f8f769f47c1c7
parent	11801ad6b12895329e00220599fba100746a9137 (diff)
download	ruby-openssl-99e863051851852411920047c7803b425564426a.tar.gz