Fix leak in HMAC error path
authorMatt Caswell <matt@openssl.org>
Mon, 8 Jun 2015 08:29:56 +0000 (09:29 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 10 Jun 2015 10:03:20 +0000 (11:03 +0100)
In the event of an error in the HMAC function, leaks can occur because the
HMAC_CTX does not get cleaned up.

Thanks to the BoringSSL project for reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
crypto/hmac/hmac.c

index 572393e..d50fabb 100644 (file)
@@ -219,6 +219,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
     HMAC_CTX_cleanup(&c);
     return md;
  err:
+    HMAC_CTX_cleanup(&c);
     return NULL;
 }