Description
Error handling of _mongocrypt_transform_binary_in_bson does not free a possibly partially constructed BSON document for the final result. Example in mongocrypt-ctx-encrypt.c:
bson_init (&converted);
|
if (!_mongocrypt_transform_binary_in_bson (
|
_replace_marking_with_ciphertext,
|
&ctx->kb,
|
TRAVERSE_MATCH_MARKING,
|
&iter,
|
&converted,
|
ctx->status)) {
|
return _mongocrypt_ctx_fail (ctx);
|
}
|
This is missing a call to bson_destroy (&converted) on error.