Does this code (ignoring lack of error handling) leak with OpenSSL 3.0?
EVP_PKEY *pkey = NULL;
BIO *public_key_file = BIO_new_file("public.pem", "r");
OSSL_DECODER_CTX *dctx = OSSL_DECODER_CTX_new_for_pkey(
&pkey, "PEM", NULL, "EC",
OSSL_KEYMGMT_SELECT_PUBLIC_KEY | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
NULL, NULL
)};
OSSL_DECODER_from_bio(dctx, public_key_file);
// ...
BIO_free(public_key_file);
OSSL_DECODER_CTX_free(dctx);
Or, does it require an additional EVP_PKEY_free(pkey)?
The documentation makes no mention of whether the caller needs to free the key.
Leak_DefinitelyLost
2,653 (152 direct, 2,501 indirect) bytes in 1 blocks are definitely lost in loss record 34 of 34
0x4848899 malloc
0x4A1A5DD CRYPTO_zalloc
0x4A07FE3 EVP_PKEY_new
0x49CD1EB \usr\lib\x86_64-linux-gnu\libcrypto.so.3
0x49CC722 \usr\lib\x86_64-linux-gnu\libcrypto.so.3
0x4ABD857 \usr\lib\x86_64-linux-gnu\libcrypto.so.3
0x49CC95A \usr\lib\x86_64-linux-gnu\libcrypto.so.3
0x4ABEF97 \usr\lib\x86_64-linux-gnu\libcrypto.so.3
0x49CC95A \usr\lib\x86_64-linux-gnu\libcrypto.so.3
0x4ABE8EB \usr\lib\x86_64-linux-gnu\libcrypto.so.3
0x49CC95A \usr\lib\x86_64-linux-gnu\libcrypto.so.3
0x49CCC30 OSSL_DECODER_from_bio
So that's a "yes" but only after it has been loaded by a later call. OSSL_DECODER_CTX_new_for_pkey itself does not allocate the key.