pki: Initialize pointers and avoid double-free with OSSL 3.0

Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> (cherry picked from commit dac62e7439)
2026-02-05 04:40:31 +09:00 · 2023-01-04 14:21:26 +01:00
parent b9a6fac062
commit 1bc9b20b1a
1 changed files with 5 additions and 16 deletions
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@@ -2050,7 +2050,7 @@ ssh_string pki_publickey_to_blob(const ssh_key key)
 #if 0
                const void *pubkey;
                size_t pubkey_len;
-                OSSL_PARAM *params, *locate_param;
+                OSSL_PARAM *params = NULL, *locate_param = NULL;
 #endif /* OPENSSL_VERSION_NUMBER */

                type_s = ssh_string_from_char(pki_key_ecdsa_nid_to_char(key->ecdsa_nid));
@@ -2082,13 +2082,6 @@ ssh_string pki_publickey_to_blob(const ssh_key key)
                e = make_ecpoint_string(EC_KEY_get0_group(key->ecdsa),
                                        EC_KEY_get0_public_key(key->ecdsa));
 #else
-                rc = ssh_buffer_add_ssh_string(buffer, type_s);
-                SSH_STRING_FREE(type_s);
-                if (rc < 0) {
-                    SSH_BUFFER_FREE(buffer);
-                    return NULL;
-                }
-
                rc = EVP_PKEY_todata(key->key, EVP_PKEY_PUBLIC_KEY, &params);
                if (rc < 0) {
                    OSSL_PARAM_free(params);
@@ -2109,7 +2102,6 @@ ssh_string pki_publickey_to_blob(const ssh_key key)
                rc = OSSL_PARAM_get_octet_string_ptr(locate_param, &pubkey, &pubkey_len);
                if (rc != 1) {
                    OSSL_PARAM_free(params);
-                    OSSL_PARAM_free(locate_param);
                    goto fail;
                }

@@ -2127,7 +2119,6 @@ ssh_string pki_publickey_to_blob(const ssh_key key)
 #if 0
                if (memcpy(ssh_string_data(e), pubkey, pubkey_len) == NULL) {
                    OSSL_PARAM_free(params);
-                    OSSL_PARAM_free(locate_param);
                    goto fail;
                }
 #endif /* OPENSSL_VERSION_NUMBER */
@@ -2139,7 +2130,6 @@ ssh_string pki_publickey_to_blob(const ssh_key key)
 */
 #if 0
                    OSSL_PARAM_free(params);
-                    OSSL_PARAM_free(locate_param);
 #endif /* OPENSSL_VERSION_NUMBER */
                    goto fail;
                }
@@ -2153,13 +2143,12 @@ ssh_string pki_publickey_to_blob(const ssh_key key)
 */
 #if 0
                OSSL_PARAM_free(params);
-                OSSL_PARAM_free(locate_param);
 #endif /* OPENSSL_VERSION_NUMBER */

-            if (key->type == SSH_KEYTYPE_SK_ECDSA &&
-                ssh_buffer_add_ssh_string(buffer, key->sk_application) < 0) {
-                goto fail;
-            }
+                if (key->type == SSH_KEYTYPE_SK_ECDSA &&
+                    ssh_buffer_add_ssh_string(buffer, key->sk_application) < 0) {
+                    goto fail;
+                }

                break;
            }