Free {priv,pub}_key before assigning to it

While it isn't the case for the default implementations, custom DH and DSA
methods could conceivably populate private and public keys, which in turn
would result in leaks in the pub/priv decode methods.

ok jsing

diff --git a/lib/libcrypto/dh/dh_ameth.c b/lib/libcrypto/dh/dh_ameth.c
index 88fec6b..ec9fe43 100644 (file)
--- a/lib/libcrypto/dh/dh_ameth.c
+++ b/lib/libcrypto/dh/dh_ameth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh_ameth.c,v 1.37 2023/08/12 07:43:48 tb Exp $ */
+/* $OpenBSD: dh_ameth.c,v 1.38 2023/08/12 07:50:47 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -111,6 +111,7 @@ dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
                DHerror(DH_R_DECODE_ERROR);
                goto err;
        }
+       BN_free(dh->pub_key);
        if ((dh->pub_key = ASN1_INTEGER_to_BN(aint, NULL)) == NULL) {
                DHerror(DH_R_BN_DECODE_ERROR);
                goto err;
@@ -223,6 +224,7 @@ dh_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8)
                DHerror(DH_R_DECODE_ERROR);
                goto err;
        }
+       BN_free(dh->priv_key);
        if ((dh->priv_key = ASN1_INTEGER_to_BN(aint, NULL)) == NULL) {
                DHerror(DH_R_BN_DECODE_ERROR);
                goto err;

diff --git a/lib/libcrypto/dsa/dsa_ameth.c b/lib/libcrypto/dsa/dsa_ameth.c
index 83fdf21..d6b0546 100644 (file)
--- a/lib/libcrypto/dsa/dsa_ameth.c
+++ b/lib/libcrypto/dsa/dsa_ameth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_ameth.c,v 1.53 2023/08/12 07:46:14 tb Exp $ */
+/* $OpenBSD: dsa_ameth.c,v 1.54 2023/08/12 07:50:47 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -114,6 +114,7 @@ dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
                DSAerror(DSA_R_DECODE_ERROR);
                goto err;
        }
+       BN_free(dsa->pub_key);
        if ((dsa->pub_key = ASN1_INTEGER_to_BN(aint, NULL)) == NULL) {
                DSAerror(DSA_R_BN_DECODE_ERROR);
                goto err;
@@ -236,6 +237,7 @@ dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8)
                DSAerror(DSA_R_DECODE_ERROR);
                goto err;
        }
+       BN_free(dsa->priv_key);
        if ((dsa->priv_key = ASN1_INTEGER_to_BN(aint, NULL)) == NULL) {
                DSAerror(DSA_R_BN_DECODE_ERROR);
                goto err;
@@ -246,6 +248,7 @@ dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8)
                goto err;
 
        /* Calculate public key */
+       BN_free(dsa->pub_key);
        if ((dsa->pub_key = BN_new()) == NULL) {
                DSAerror(ERR_R_MALLOC_FAILURE);
                goto err;