[openssl/openssl] 5f0f33: Fix a legitimate leak in v2i_issuer_sign_tool
0 views
Skip to first unread message
Neil Horman
Apr 13, 2026, 3:37:37 AM (yesterday) Apr 13
to openssl...@openssl.org
Branch: refs/heads/openssl-3.4
Home: https://github.com/openssl/openssl
Commit: 5f0f33b848902e512b38814bfb67f54a409f155a
https://github.com/openssl/openssl/commit/5f0f33b848902e512b38814bfb67f54a409f155a
Author: Neil Horman <nho...@openssl.org>
Date: 2026-04-13 (Mon, 13 Apr 2026)
Changed paths:
M crypto/x509/v3_ist.c
Log Message:
-----------
Fix a legitimate leak in v2i_issuer_sign_tool
Valgrind found a legitimate leak that, somehow asan missed.
v2i_issuer_sign_tool, when creating a new issuer sign tool,
automatically creates the member utf8 asn1 string objects for us.
However, based on configuration, this function will also create its own
utf8 asn1 strings, which overwrite those initial allocations, creating a
leak.
We don't need to create those strings at all in this fuction, just make
sure the ISSUER_SIGN_TOOL_new function did it for us, by checking them
all for NULL
Reviewed-by: Eugene Syromiatnikov <es...@openssl.org>
Reviewed-by: Norbert Pocs <norb...@openssl.org>
MergeDate: Tue Feb 24 15:11:16 2026
(Merged from https://github.com/openssl/openssl/pull/30711)
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
Home: https://github.com/openssl/openssl
Commit: 5f0f33b848902e512b38814bfb67f54a409f155a
https://github.com/openssl/openssl/commit/5f0f33b848902e512b38814bfb67f54a409f155a
Author: Neil Horman <nho...@openssl.org>
Date: 2026-04-13 (Mon, 13 Apr 2026)
Changed paths:
M crypto/x509/v3_ist.c
Log Message:
-----------
Fix a legitimate leak in v2i_issuer_sign_tool
Valgrind found a legitimate leak that, somehow asan missed.
v2i_issuer_sign_tool, when creating a new issuer sign tool,
automatically creates the member utf8 asn1 string objects for us.
However, based on configuration, this function will also create its own
utf8 asn1 strings, which overwrite those initial allocations, creating a
leak.
We don't need to create those strings at all in this fuction, just make
sure the ISSUER_SIGN_TOOL_new function did it for us, by checking them
all for NULL
Reviewed-by: Eugene Syromiatnikov <es...@openssl.org>
Reviewed-by: Norbert Pocs <norb...@openssl.org>
MergeDate: Tue Feb 24 15:11:16 2026
(Merged from https://github.com/openssl/openssl/pull/30711)
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
Reply all
Reply to author
Forward
0 new messages