From 923eb36ad8a68a699ce37f33cbe21c5770c487a4 Mon Sep 17 00:00:00 2001
From: wangjiang <wangjiang37@h-partners.com>
Date: Tue, 26 Mar 2024 11:28:42 +0800
Subject: [PATCH] fix some bugs

---
 ...-PKCS-12-read-error-in-PKCS12_key_ge.patch | 43 +++++++++++++++++++
 openssl.spec                                  |  6 ++-
 2 files changed, 48 insertions(+), 1 deletion(-)
 create mode 100644 backport-Fix-mem-leaks-on-PKCS-12-read-error-in-PKCS12_key_ge.patch

diff --git a/backport-Fix-mem-leaks-on-PKCS-12-read-error-in-PKCS12_key_ge.patch b/backport-Fix-mem-leaks-on-PKCS-12-read-error-in-PKCS12_key_ge.patch
new file mode 100644
index 0000000..42f8fb7
--- /dev/null
+++ b/backport-Fix-mem-leaks-on-PKCS-12-read-error-in-PKCS12_key_ge.patch
@@ -0,0 +1,43 @@
+From ed4faae00cdab23244704660c099e41ec64f5dc0 Mon Sep 17 00:00:00 2001
+From: "Dr. David von Oheimb" <David.von.Oheimb@siemens.com>
+Date: Wed, 12 Aug 2020 17:37:50 +0200
+Subject: [PATCH] Fix mem leaks on PKCS#12 read error in
+ PKCS12_key_gen_{asc,utf8}
+ 
+Reviewed-by: Richard Levitte <levitte@openssl.org>
+Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
+(Merged from https://github.com/openssl/openssl/pull/12639)
+---
+ crypto/pkcs12/p12_key.c | 8 ++------
+ 1 file changed, 2 insertions(+), 6 deletions(-)
+ 
+diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
+index a40ae4cbe8..bbe212d125 100644
+--- a/crypto/pkcs12/p12_key.c
++++ b/crypto/pkcs12/p12_key.c
+@@ -44,10 +44,8 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
+     }
+     ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
+                              id, iter, n, out, md_type);
+-    if (ret <= 0)
+-        return 0;
+     OPENSSL_clear_free(unipass, uniplen);
+-    return ret;
++    return ret > 0;
+ }
+ 
+ int PKCS12_key_gen_utf8(const char *pass, int passlen, unsigned char *salt,
+@@ -67,10 +65,8 @@ int PKCS12_key_gen_utf8(const char *pass, int passlen, unsigned char *salt,
+     }
+     ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
+                              id, iter, n, out, md_type);
+-    if (ret <= 0)
+-        return 0;
+     OPENSSL_clear_free(unipass, uniplen);
+-    return ret;
++    return ret > 0;
+ }
+ 
+ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
+-- 
+2.27.0
diff --git a/openssl.spec b/openssl.spec
index bfe378a..207ffc4 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -2,7 +2,7 @@
 Name:        openssl
 Epoch:       1
 Version:     1.1.1wa
-Release:     4
+Release:     5
 Summary:     Cryptography and SSL/TLS Toolkit
 License:     OpenSSL and SSLeay
 URL:         https://gitee.com/openeuler/openssl
@@ -14,6 +14,7 @@ Patch3:      Fix-FIPS-getenv-build-failure.patch
 Patch4:      skip-some-test-cases.patch
 Patch5:      backport-Fix-OPENSSL_VERSION_NUMBER-number-problem.patch
 Patch6:      backport-CVE-2024-0727-fix-pkcs12-decoding-crashes.patch
+Patch7:      backport-Fix-mem-leaks-on-PKCS-12-read-error-in-PKCS12_key_ge.patch
 
 BuildRequires: gcc perl make lksctp-tools-devel coreutils util-linux zlib-devel
 Requires:    coreutils %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release}
@@ -222,6 +223,9 @@ make test || :
 %ldconfig_scriptlets libs
 
 %changelog
+* Tue Mar 26 2024 wangjiang <wangjiang37@h-partners.com> - 1:1.1.1wa-5
+- fix some bugs
+
 * Mon Feb 5 2024 lixiao <lixiao57@huawei.com> - 1:1.1.1wa-4
 - add openssl-SMx-perl rpm provides
 
-- 
Gitee