]> granicus.if.org Git - openssl/commitdiff
projects / openssl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 68886be)
Fix leak in HMAC error path
authorMatt Caswell <matt@openssl.org>
Mon, 8 Jun 2015 08:29:56 +0000 (09:29 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 10 Jun 2015 10:03:20 +0000 (11:03 +0100)
In the event of an error in the HMAC function, leaks can occur because the
HMAC_CTX does not get cleaned up.

Thanks to the BoringSSL project for reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
crypto/hmac/hmac.c patch | blob | history

diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 572393e2c705dbe1f6fcada642720f78875876b3..d50fabb7c11faa4c96e42b28ffb2db13ea2c086f 100644 (file)
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -219,6 +219,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
     HMAC_CTX_cleanup(&c);
     return md;
  err:
+    HMAC_CTX_cleanup(&c);
     return NULL;
 }
 
Unnamed repository; edit this file 'description' to name the repository.