From 8ba2322e11460255d79bea6b69b7eea2f6857efc Mon Sep 17 00:00:00 2001
From: tb
Date: Thu, 7 Jul 2022 17:12:15 +0000
Subject: [PATCH] Make CBB_finish() fail if *out_data is not NULL
Contrary to CBS_stow(), CBB_finish() will leak, so ensure we fail if *out_data is populated. Discussed with & ok jsing
---
 lib/libssl/bs_cbb.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/lib/libssl/bs_cbb.c b/lib/libssl/bs_cbb.c
index 95e53861f00..e2f87be4d2e 100644
--- a/lib/libssl/bs_cbb.c
+++ b/lib/libssl/bs_cbb.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bs_cbb.c,v 1.27 2022/01/06 14:30:30 jsing Exp $ */
+/* $OpenBSD: bs_cbb.c,v 1.28 2022/07/07 17:12:15 tb Exp $ */
 /*
 * Copyright (c) 2014, Google Inc.
 *
@@ -163,6 +163,9 @@ CBB_finish(CBB *cbb, uint8_t **out_data, size_t *out_len)
 */
 return 0;
+ if (out_data != NULL && *out_data != NULL)
+ return 0;
+
 if (out_data != NULL)
 *out_data = cbb->base->buf;
-- 
2.20.1
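Review bot: The added guard in the second hunk reads `*out_data` before the function assigns it, which turns a pure output pointer into an in/out parameter: every caller now has to set its pointer to NULL before calling CBB_finish(). A caller that passes the address of an uninitialised local would read an indeterminate value and could fail spuriously; no callers are visible in this patch, so this is something to audit rather than a confirmed defect. I would state the precondition at the check, for example `/* *out_data must be NULL on entry: it is overwritten below, so an existing buffer would leak. */`, and repeat it in the function's documentation. The guard also sits after the flush whose failure path is shown as context, so the bad argument is rejected only once the CBB has been flushed; testing it at the top of the function would fail before any state is touched. CBB_finish() begins and ends outside the hunk, so the ordering suggestion is based on the visible lines only.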