From 19546246cf44d30043fb17d1899b2c325924ac8b Mon Sep 17 00:00:00 2001 From: Bernd Edlinger Date: Mon, 12 Jun 2017 18:05:19 +0200 Subject: [PATCH] Fix memleak in EVP_DigestSignFinal/VerifyFinal. Reviewed-by: Matt Caswell Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/3658) --- crypto/evp/m_sigver.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c index be6bb21ff9..2377944f66 100644 --- a/crypto/evp/m_sigver.c +++ b/crypto/evp/m_sigver.c @@ -123,8 +123,12 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, r = EVP_DigestFinal_ex(ctx, md, &mdlen); } else { EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); - if (tmp_ctx == NULL || !EVP_MD_CTX_copy_ex(tmp_ctx, ctx)) + if (tmp_ctx == NULL) return 0; + if (!EVP_MD_CTX_copy_ex(tmp_ctx, ctx)) { + EVP_MD_CTX_free(tmp_ctx); + return 0; + } if (sctx) r = tmp_ctx->pctx->pmeth->signctx(tmp_ctx->pctx, sigret, siglen, tmp_ctx); @@ -178,8 +182,12 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, r = EVP_DigestFinal_ex(ctx, md, &mdlen); } else { EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); - if (tmp_ctx == NULL || !EVP_MD_CTX_copy_ex(tmp_ctx, ctx)) + if (tmp_ctx == NULL) + return -1; + if (!EVP_MD_CTX_copy_ex(tmp_ctx, ctx)) { + EVP_MD_CTX_free(tmp_ctx); return -1; + } if (vctx) { r = tmp_ctx->pctx->pmeth->verifyctx(tmp_ctx->pctx, sig, siglen, tmp_ctx); -- 2.25.1