CVE-2025-5351 pki_crypto: Avoid double-free on low-memory conditions

Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2025-07-20 18:02:58 +03:00 · 2025-05-06 22:43:31 +02:00
parent faf9caafc6
commit acb158e827
1 changed files with 2 additions and 0 deletions
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@ -1746,6 +1746,7 @@ ssh_string pki_key_to_blob(const ssh_key key, enum ssh_key_e type)
        bignum_safe_free(bn);
        bignum_safe_free(be);
        OSSL_PARAM_free(params);
+        params = NULL;
 #endif /* OPENSSL_VERSION_NUMBER */
        break;
    }
@ -1998,6 +1999,7 @@ ssh_string pki_key_to_blob(const ssh_key key, enum ssh_key_e type)
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
        bignum_safe_free(bd);
        OSSL_PARAM_free(params);
+        params = NULL;
 #endif /* OPENSSL_VERSION_NUMBER */
        break;
    }