From 750403478bec5bd7802227938542dd439cd0fb30 Mon Sep 17 00:00:00 2001 From: tb Date: Tue, 22 Feb 2022 13:45:09 +0000 Subject: [PATCH] Plug leak in ec_key_create() EVP_PKEY_set1_EC_KEY() bumps the refcount of eckey, so eckey won't be freed at the end of keyproc() or acctproc(), which means that secrets aren't wiped. Move EC_KEY_free() to the out label, so that the refcount is decremented or the key freed, as appropriate. tested/ok claudio --- usr.sbin/acme-client/key.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr.sbin/acme-client/key.c b/usr.sbin/acme-client/key.c index 051d1cc33aa..c3374914547 100644 --- a/usr.sbin/acme-client/key.c +++ b/usr.sbin/acme-client/key.c @@ -1,4 +1,4 @@ -/* $Id: key.c,v 1.5 2022/02/22 12:38:30 tb Exp $ */ +/* $Id: key.c,v 1.6 2022/02/22 13:45:09 tb Exp $ */ /* * Copyright (c) 2019 Renaud Allard * Copyright (c) 2016 Kristaps Dzonsons @@ -116,10 +116,10 @@ ec_key_create(FILE *f, const char *fname) goto out; err: - EC_KEY_free(eckey); EVP_PKEY_free(pkey); pkey = NULL; out: + EC_KEY_free(eckey); return pkey; } -- 2.20.1