From: Theo Buehler <tb@theobuehler.org>
Subject: Re: [PATCH] libressl: fix memory leak in save_index on error
To: Niels Dossche <dossche.niels@gmail.com>
Cc: tech@openbsd.org
Date: Mon, 17 Mar 2025 16:55:31 +0100

On Mon, Mar 17, 2025 at 04:49:49PM +0100, Niels Dossche wrote:
> Hi
> 
> This patch fixes a memory leak when an error occurs in save_index in libressl.
> 
> This issue was found via an experimental static analyzer I'm working on,
> and I manually read the code to verify whether this is a real bug or not.
> 

I agree that this is correct. Committed, thanks.

> 
> ---------------------------------------------------------------------------
> diff --git apps.c apps.c
> index 7c98f1e70c1..00f8ac0e536 100644
> --- apps.c
> +++ apps.c
> @@ -1420,6 +1420,7 @@ save_index(const char *file, const char *suffix, CA_DB *db)
>  	return 1;
>  
>   err:
> +	BIO_free(out);
>  	return 0;
>  }
>  
>