From 58c4462fa1ae0d31563493e06c68635144ba5754 Mon Sep 17 00:00:00 2001
From: inoguchi <inoguchi@openbsd.org>
Date: Sun, 16 Jan 2022 07:11:49 +0000
Subject: [PATCH] Avoid memory leak in error path with openssl(1) cms

CID 345314 345320

ok tb@
---
 usr.bin/openssl/cms.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/usr.bin/openssl/cms.c b/usr.bin/openssl/cms.c
index 8d066e5a55d..5b876941fb9 100644
--- a/usr.bin/openssl/cms.c
+++ b/usr.bin/openssl/cms.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cms.c,v 1.28 2022/01/08 06:05:39 inoguchi Exp $ */
+/* $OpenBSD: cms.c,v 1.29 2022/01/16 07:11:49 inoguchi Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
@@ -1395,6 +1395,7 @@ cms_main(int argc, char **argv)
 				BIO_printf(bio_err,
 				    "Error writing certs to %s\n",
 				    cms_config.certsoutfile);
+				sk_X509_pop_free(allcerts, X509_free);
 				ret = 5;
 				goto end;
 			}
@@ -1695,6 +1696,7 @@ cms_main(int argc, char **argv)
 				BIO_printf(bio_err,
 				    "Error writing signers to %s\n",
 				    cms_config.signerfile);
+				sk_X509_free(signers);
 				ret = 5;
 				goto end;
 			}
-- 
2.20.1