From: Benjamin Kaduk <bkaduk@akamai.com>
Date: Tue, 28 Feb 2017 22:09:53 +0000 (-0600)
Subject: Don't free in cleanup routine
X-Git-Tag: OpenSSL_1_1_1-pre1~2202
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=5c6c4c5c333c8ac469e53521cf747ff527b8813a;p=oweals%2Fopenssl.git

Don't free in cleanup routine

Cleanse instead, and free in the free routine.

Seems to have been introduced in commit
846ec07d904f9cc81d486db0db14fb84f61ff6e5 when EVP_CIPHER_CTX was made
opaque.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2798)
---

diff --git a/crypto/cmac/cmac.c b/crypto/cmac/cmac.c
index c4f13a069f..0f4ca26bc2 100644
--- a/crypto/cmac/cmac.c
+++ b/crypto/cmac/cmac.c
@@ -60,7 +60,7 @@ CMAC_CTX *CMAC_CTX_new(void)
 
 void CMAC_CTX_cleanup(CMAC_CTX *ctx)
 {
-    EVP_CIPHER_CTX_free(ctx->cctx);
+    EVP_CIPHER_CTX_cleanup(ctx->cctx);
     OPENSSL_cleanse(ctx->tbl, EVP_MAX_BLOCK_LENGTH);
     OPENSSL_cleanse(ctx->k1, EVP_MAX_BLOCK_LENGTH);
     OPENSSL_cleanse(ctx->k2, EVP_MAX_BLOCK_LENGTH);
@@ -78,6 +78,7 @@ void CMAC_CTX_free(CMAC_CTX *ctx)
     if (!ctx)
         return;
     CMAC_CTX_cleanup(ctx);
+    EVP_CIPHER_CTX_free(ctx->cctx);
     OPENSSL_free(ctx);
 }