Commit b4a964f6c1 for openssl.org

commit b4a964f6c1313d386c45a747820d82a1a5ec4573
Author: YZL0v3ZZ <2055877225@qq.com>
Date:   Wed Mar 11 22:31:47 2026 +0800

    apps/cmp_mock_srv: fix resource leak in process_genm()

    If pushing the generated rsp ITAV object into the out stack fails,
    the error path frees the stack container but permanently abandons
    the newly allocated rsp object.

    Explicitly free the rsp structure if it exists and was not pushed
    successfully to prevent this memory leak.

    Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
    Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
    MergeDate: Mon Mar 16 11:16:02 2026
    (Merged from https://github.com/openssl/openssl/pull/30374)

diff --git a/apps/lib/cmp_mock_srv.c b/apps/lib/cmp_mock_srv.c
index 67e8b781ec..24c52b30de 100644
--- a/apps/lib/cmp_mock_srv.c
+++ b/apps/lib/cmp_mock_srv.c
@@ -591,6 +591,7 @@ static int process_genm(OSSL_CMP_SRV_CTX *srv_ctx,
         if (rsp != NULL && sk_OSSL_CMP_ITAV_push(*out, rsp))
             return 1;
         sk_OSSL_CMP_ITAV_free(*out);
+        OSSL_CMP_ITAV_free(rsp);
         return 0;
     }