Red Hat Bugzilla – Bug 1312112
Memory leak in PKCS12_parse with unnamed bags
Last modified: 2016-11-03 22:05:51 EDT
Issue present with openssl-1.0.1e-51.el7_2.2.x86_64
+++ This bug was initially created as a clone of Bug #1229871 +++
Description of problem:
When a certificate bag in a PKCS12 file has no friendly name, PKCS12_parse will leak 1 byte on every call.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Create a PKCS12 structure with a certificate that has no friendly name. PKCS12_create should easily create such a structure.
2. Call PKCS12_parse to get the certificate back out. Free the certificate, key, and ca stack.
3. Run with valgrind to show that 1 byte has been leaked from the call.
All memory freed
This is fixed in OpenSSL 1.0.2a (crypto/pkcs12/p12_kiss.c)
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.