projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ee11118) | patch
Fix a use after free in error handling of hmac_dup
authorBernd Edlinger <bernd.edlinger@hotmail.de>
Wed, 8 Jun 2022 15:36:52 +0000 (17:36 +0200)
committerBernd Edlinger <bernd.edlinger@hotmail.de>
Fri, 10 Jun 2022 10:43:38 +0000 (12:43 +0200)
commitcec1699f1f54ba8b87f055776dc77b48dd37d5fa
tree5d755ee4f8904778490b64ac27163499753edefctree | snapshot
parentee11118deb65d2b22b94721125a5649d05591e7bcommit | diff
Fix a use after free in error handling of hmac_dup

dst->digest needs to be zeroized in case HMAC_CTX_copy
or ossl_prov_digest_copy return failure.

Fixes #18493

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18502)
providers/implementations/macs/hmac_prov.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.