From: Niels Dossche <dossche.niels@gmail.com>
Subject: [PATCH] libressl: fix memory leak in save_index on error
To: tech@openbsd.org
Date: Mon, 17 Mar 2025 16:49:49 +0100

Hi

This patch fixes a memory leak when an error occurs in save_index in libressl.

This issue was found via an experimental static analyzer I'm working on,
and I manually read the code to verify whether this is a real bug or not.


---------------------------------------------------------------------------
diff --git apps.c apps.c
index 7c98f1e70c1..00f8ac0e536 100644
--- apps.c
+++ apps.c
@@ -1420,6 +1420,7 @@ save_index(const char *file, const char *suffix, CA_DB *db)
 	return 1;
 
  err:
+	BIO_free(out);
 	return 0;
 }