From aa61d73c98a1694b6951d392b9aeb1321847521f Mon Sep 17 00:00:00 2001
From: Aveen Ismail <aveen.ismail@yubico.com>
Date: Wed, 4 Sep 2024 21:34:43 +0200
Subject: [PATCH] Free memory if BIO_write() fails

---
 common/util.c  |  4 ++++
 src/commands.c | 17 +++++++++++++++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/common/util.c b/common/util.c
index 2247f93a..ed5f696f 100644
--- a/common/util.c
+++ b/common/util.c
@@ -177,6 +177,7 @@ bool read_private_key(uint8_t *buf, size_t len, yh_algorithm *algo,
   }
 
   if(BIO_write(bio, buf, len) <= 0) {
+    BIO_free_all(bio);
     return false;
   }
 
@@ -697,12 +698,15 @@ bool write_file(const uint8_t *buf, size_t buf_len, FILE *fp, format_t format) {
 
     (void) BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL);
     if(BIO_write(bio, buf, buf_len) <= 0) {
+      BIO_free_all(bio);
       return false;
     }
     if(BIO_flush(bio) != 1) {
+      BIO_free_all(bio);
       return false;
     }
     if(BIO_get_mem_ptr(bio, &bufferPtr) != 1) {
+      BIO_free_all(bio);
       return false;
     }
     p = (uint8_t *) bufferPtr->data;
diff --git a/src/commands.c b/src/commands.c
index aad86b65..1ed5dc43 100644
--- a/src/commands.c
+++ b/src/commands.c
@@ -1167,7 +1167,13 @@ int yh_com_get_pubkey(yubihsm_context *ctx, Argument *argv, cmd_format in_fmt,
 
     (void) i2d_PUBKEY_bio(bio, public_key);
 
-    (void) BIO_flush(bio);
+    if (BIO_flush(bio) != 1) {
+      fprintf(stderr, "Unable to flush BIO\n");
+      BIO_free_all(b64);
+      BIO_free_all(bio);
+      error = true;
+      goto getpk_base64_cleanup;
+    }
     (void) BIO_free_all(bio);
   getpk_base64_cleanup:
     if (error) {
@@ -1260,7 +1266,13 @@ int yh_com_get_device_pubkey(yubihsm_context *ctx, Argument *argv,
 
     (void) i2d_PUBKEY_bio(bio, public_key);
 
-    (void) BIO_flush(bio);
+    if (BIO_flush(bio) != 1) {
+      fprintf(stderr, "Unable to flush BIO\n");
+      BIO_free_all(b64);
+      BIO_free_all(bio);
+      error = true;
+      goto getdpk_base64_cleanup;
+    }
     (void) BIO_free_all(bio);
   getdpk_base64_cleanup:
     if (error) {
@@ -2454,6 +2466,7 @@ static bool read_rsa_pubkey(const uint8_t *buf, size_t len,
 
   if(BIO_write(bio, buf, len) <= 0) {
     fprintf(stderr, "%s: Failed to read RSA public key\n", __func__);
+    BIO_free_all(bio);
     return false;
   }