projects / oweals / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d163a2c)
Fix leak in HMAC error path
authorMatt Caswell <matt@openssl.org>
Mon, 8 Jun 2015 08:29:56 +0000 (09:29 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 10 Jun 2015 10:08:51 +0000 (11:08 +0100)
In the event of an error in the HMAC function, leaks can occur because the
HMAC_CTX does not get cleaned up.

Thanks to the BoringSSL project for reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit e43a13c807e42688c72c4f3d001112bf0a110464)

crypto/hmac/hmac.c patch | blob | history

diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index b1f7317d7b354ee776eda3472d643791a975fe58..5925467818cbce791e16adf32c8dc3bb6743fd39 100644 (file)
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -251,6 +251,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
     HMAC_CTX_cleanup(&c);
     return md;
  err:
+    HMAC_CTX_cleanup(&c);
     return NULL;
 }
 
Unnamed repository; edit this file 'description' to name the repository.