PKCS8_pkey_set0 doesn't take ownership on error. It carefully NULLs all references to the buffer, so the failure cases still need to call OPENSSL_free. Change-Id: Ia14341ecea81296f94e467325ab6eff1362e987e Reviewed-on: https://boringssl-review.googlesource.com/5271 Reviewed-by: Adam Langley <agl@google.com>

commit: 2e40091dd476df545c72a84194da8104338c0e48 [log] [tgz]
author: David Benjamin <davidben@chromium.org> Wed Jun 17 00:02:11 2015 -0400
committer: Adam Langley <agl@google.com> Tue Jul 07 02:30:37 2015 +0000
tree: a02c72e2404b6301b11107bf37791fa726e5682a
parent: 183eba4dc9f276e7a357ab704e5ee65492e71827 [diff]
diff --git a/crypto/evp/p_ec_asn1.c b/crypto/evp/p_ec_asn1.c
index 75f4d8d..e08f192 100644
--- a/crypto/evp/p_ec_asn1.c
+++ b/crypto/evp/p_ec_asn1.c

@@ -325,6 +325,7 @@
 
   if (!PKCS8_pkey_set0(p8, (ASN1_OBJECT *)OBJ_nid2obj(NID_X9_62_id_ecPublicKey),
                        0, ptype, pval, ep, eplen)) {
+    OPENSSL_free(ep);
     return 0;
   }
 

diff --git a/crypto/evp/p_rsa_asn1.c b/crypto/evp/p_rsa_asn1.c
index a6f5b22..a966af5 100644
--- a/crypto/evp/p_rsa_asn1.c
+++ b/crypto/evp/p_rsa_asn1.c

@@ -122,6 +122,7 @@
   /* TODO(fork): const correctness in next line. */
   if (!PKCS8_pkey_set0(p8, (ASN1_OBJECT *)OBJ_nid2obj(NID_rsaEncryption), 0,
                        V_ASN1_NULL, NULL, rk, rklen)) {
+    OPENSSL_free(rk);
     OPENSSL_PUT_ERROR(EVP, rsa_priv_encode, ERR_R_MALLOC_FAILURE);
     return 0;
   }
commit	2e40091dd476df545c72a84194da8104338c0e48	[log] [tgz]
author	David Benjamin <davidben@chromium.org>	Wed Jun 17 00:02:11 2015 -0400
committer	Adam Langley <agl@google.com>	Tue Jul 07 02:30:37 2015 +0000
tree	a02c72e2404b6301b11107bf37791fa726e5682a
parent	183eba4dc9f276e7a357ab704e5ee65492e71827 [diff]