From: Niels Dossche Subject: [PATCH] libressl: fix memory leak in CMS_EncryptedData_encrypt on error To: tech@openbsd.org Date: Mon, 3 Nov 2025 14:38:15 +0100 Hi This patch fixes a memory leak when an error occurs in CMS_EncryptedData_encrypt when calling CMS_EncryptedData_set1_key in libressl. This issue was found via an experimental static analyzer I'm working on, and I manually read the code to verify whether this is a real bug or not. --------------------------------------------------------------------------- diff --git lib/libcrypto/cms/cms_smime.c lib/libcrypto/cms/cms_smime.c index 85a0e6f6e50..bc105382b36 100644 --- lib/libcrypto/cms/cms_smime.c +++ lib/libcrypto/cms/cms_smime.c @@ -286,8 +286,10 @@ CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher, cms = CMS_ContentInfo_new(); if (cms == NULL) return NULL; - if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen)) + if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen)) { + CMS_ContentInfo_free(cms); return NULL; + } if (!(flags & CMS_DETACHED)) CMS_set_detached(cms, 0);