[ruby/openssl] pkey: fix potential memory leak in PKey#sign

Fix potential leak of EVP_MD_CTX object in an error path. This path is normally unreachable, since the size of a signature generated by any supported algorithms would not be larger than LONG_MAX. https://github.com/ruby/openssl/commit/99e8630518
author: Kazuki Yamaguchi <[email protected]> 2020-06-12 14:12:59 +0900
committer: Kazuki Yamaguchi <[email protected]> 2021-07-18 17:44:44 +0900
commit: 1706302be51454c4c81ab06b771e8cad8879078e (patch)
tree: 3fca42b709045a51c30724303ea0a5e04f18c51d /ext/openssl/ossl_pkey.c
parent: b7a908af3420d12a6471c5f2d9cbae7faa4451b8 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c
index 1c1f80bf80..d3c65a4b3e 100644
--- a/ext/openssl/ossl_pkey.c
+++ b/ext/openssl/ossl_pkey.c
@@ -815,8 +815,10 @@ ossl_pkey_sign(VALUE self, VALUE digest, VALUE data)
         EVP_MD_CTX_free(ctx);
         ossl_raise(ePKeyError, "EVP_DigestSign");
     }
-    if (siglen > LONG_MAX)
+    if (siglen > LONG_MAX) {
+        EVP_MD_CTX_free(ctx);
         rb_raise(ePKeyError, "signature would be too large");
+    }
     sig = ossl_str_new(NULL, (long)siglen, &state);
     if (state) {
         EVP_MD_CTX_free(ctx);
@@ -837,8 +839,10 @@ ossl_pkey_sign(VALUE self, VALUE digest, VALUE data)
         EVP_MD_CTX_free(ctx);
         ossl_raise(ePKeyError, "EVP_DigestSignFinal");
     }
-    if (siglen > LONG_MAX)
+    if (siglen > LONG_MAX) {
+        EVP_MD_CTX_free(ctx);
         rb_raise(ePKeyError, "signature would be too large");
+    }
     sig = ossl_str_new(NULL, (long)siglen, &state);
     if (state) {
         EVP_MD_CTX_free(ctx);
author	Kazuki Yamaguchi <[email protected]>	2020-06-12 14:12:59 +0900
committer	Kazuki Yamaguchi <[email protected]>	2021-07-18 17:44:44 +0900
commit	1706302be51454c4c81ab06b771e8cad8879078e (patch)
tree	3fca42b709045a51c30724303ea0a5e04f18c51d /ext/openssl/ossl_pkey.c
parent	b7a908af3420d12a6471c5f2d9cbae7faa4451b8 (diff)