Bug 1312112 - Memory leak in PKCS12_parse with unnamed bags
Memory leak in PKCS12_parse with unnamed bags
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: openssl (Show other bugs)
7.2
Unspecified Unspecified
unspecified Severity low
: rc
: ---
Assigned To: Tomas Mraz
Hubert Kario
:
Depends On: 1229871
Blocks:
  Show dependency treegraph
 
Reported: 2016-02-25 13:37 EST by Hubert Kario
Modified: 2016-11-03 22:05 EDT (History)
4 users (show)

See Also:
Fixed In Version: openssl-1.0.1e-56.el7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1229871
Environment:
Last Closed: 2016-11-03 22:05:51 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Hubert Kario 2016-02-25 13:37:59 EST
Issue present with openssl-1.0.1e-51.el7_2.2.x86_64

+++ This bug was initially created as a clone of Bug #1229871 +++

Description of problem:
When a certificate bag in a PKCS12 file has no friendly name, PKCS12_parse will leak 1 byte on every call.

Version-Release number of selected component (if applicable):
1.0.1e-30

How reproducible:
Always

Steps to Reproduce:
1. Create a PKCS12 structure with a certificate that has no friendly name.  PKCS12_create should easily create such a structure.
2. Call PKCS12_parse to get the certificate back out.  Free the certificate, key, and ca stack.
3. Run with valgrind to show that 1 byte has been leaked from the call.

Actual results:
Memory leak

Expected results:
All memory freed

Additional info:
This is fixed in OpenSSL 1.0.2a (crypto/pkcs12/p12_kiss.c)
Comment 5 errata-xmlrpc 2016-11-03 22:05:51 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2271.html

Note You need to log in before you can comment on or make changes to this bug.