RESOURCE_LEAK in method STACK_OF(TRUST_TOKEN) *voprf_unblind before return 0
Change-Id: I4288988f3742f14b15f80a3023b716392a667631
Signed-off-by: wangjiale3 <wangjiale3@xiaomi.corp-partner.google.com>
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/58485
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/crypto/trust_token/voprf.c b/crypto/trust_token/voprf.c
index adf02a7..49a324e 100644
--- a/crypto/trust_token/voprf.c
+++ b/crypto/trust_token/voprf.c
@@ -563,25 +563,23 @@
return NULL;
}
- int ok = 0;
- STACK_OF(TRUST_TOKEN) *ret = sk_TRUST_TOKEN_new_null();
- if (ret == NULL) {
- return NULL;
- }
-
if (count > ((size_t)-1) / sizeof(EC_RAW_POINT) ||
count > ((size_t)-1) / sizeof(EC_SCALAR)) {
OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_OVERFLOW);
- return 0;
+ return NULL;
}
+
+ int ok = 0;
+ STACK_OF(TRUST_TOKEN) *ret = sk_TRUST_TOKEN_new_null();
EC_RAW_POINT *BTs = OPENSSL_malloc(count * sizeof(EC_RAW_POINT));
EC_RAW_POINT *Zs = OPENSSL_malloc(count * sizeof(EC_RAW_POINT));
EC_SCALAR *es = OPENSSL_malloc(count * sizeof(EC_SCALAR));
CBB batch_cbb;
CBB_zero(&batch_cbb);
- if (!BTs ||
- !Zs ||
- !es ||
+ if (ret == NULL ||
+ BTs == NULL ||
+ Zs == NULL ||
+ es == NULL ||
!CBB_init(&batch_cbb, 0) ||
!cbb_add_point(&batch_cbb, method->group, &key->pubs)) {
goto err;
