Fix leak in HMAC error path
authorMatt Caswell <matt@openssl.org>
Mon, 8 Jun 2015 08:29:56 +0000 (09:29 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 10 Jun 2015 10:08:51 +0000 (11:08 +0100)
In the event of an error in the HMAC function, leaks can occur because the
HMAC_CTX does not get cleaned up.

Thanks to the BoringSSL project for reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit e43a13c807e42688c72c4f3d001112bf0a110464)

crypto/hmac/hmac.c

index b1f7317d7b354ee776eda3472d643791a975fe58..5925467818cbce791e16adf32c8dc3bb6743fd39 100644 (file)
@@ -251,6 +251,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
     HMAC_CTX_cleanup(&c);
     return md;
  err:
+    HMAC_CTX_cleanup(&c);
     return NULL;
 }