From adc9086beb21a91ca59aaf0c619b38b82c223f9b Mon Sep 17 00:00:00 2001 From: kinichiro Date: Sun, 12 Jan 2020 17:35:39 +0900 Subject: [PATCH] Avoid leak in error path of PKCS5_PBE_keyivgen CLA: trivial Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/10816) --- crypto/evp/p5_crpt.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/crypto/evp/p5_crpt.c b/crypto/evp/p5_crpt.c index 272643cf37..6218c17ce2 100644 --- a/crypto/evp/p5_crpt.c +++ b/crypto/evp/p5_crpt.c @@ -51,11 +51,13 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, ivl = EVP_CIPHER_iv_length(cipher); if (ivl < 0 || ivl > 16) { EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_INVALID_IV_LENGTH); + PBEPARAM_free(pbe); return 0; } kl = EVP_CIPHER_key_length(cipher); if (kl < 0 || kl > (int)sizeof(md_tmp)) { EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_INVALID_KEY_LENGTH); + PBEPARAM_free(pbe); return 0; } @@ -84,6 +86,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, if (!EVP_DigestUpdate(ctx, salt, saltlen)) goto err; PBEPARAM_free(pbe); + pbe = NULL; if (!EVP_DigestFinal_ex(ctx, md_tmp, NULL)) goto err; mdsize = EVP_MD_size(md); @@ -106,6 +109,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); rv = 1; err: + PBEPARAM_free(pbe); EVP_MD_CTX_free(ctx); return rv; } -- 2.25.1