cryptodev_digest_update: don't leak original state->mac_data if realloc fails
authorJonas Maebe <jonas.maebe@elis.ugent.be>
Sun, 8 Dec 2013 16:18:17 +0000 (17:18 +0100)
committerKurt Roeckx <kurt@roeckx.be>
Fri, 15 Aug 2014 20:38:36 +0000 (22:38 +0200)
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
crypto/engine/eng_cryptodev.c

index 568e131..c823eeb 100644 (file)
@@ -765,6 +765,7 @@ static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
        struct crypt_op cryp;
        struct dev_crypto_state *state = ctx->md_data;
        struct session_op *sess = &state->d_sess;
+       char *new_mac_data;
 
        if (!data || state->d_fd < 0) {
                printf("cryptodev_digest_update: illegal inputs \n");
@@ -777,12 +778,13 @@ static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
 
        if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) {
                /* if application doesn't support one buffer */
-               state->mac_data = OPENSSL_realloc(state->mac_data, state->mac_len + count);
+               new_mac_data = OPENSSL_realloc(state->mac_data, state->mac_len + count);
 
-               if (!state->mac_data) {
+               if (!new_mac_data) {
                        printf("cryptodev_digest_update: realloc failed\n");
                        return (0);
                }
+               state->mac_data = new_mac_data;
 
                memcpy(state->mac_data + state->mac_len, data, count);
                state->mac_len += count;