projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7cb79c7)
Fix leak in HMAC error path
authorMatt Caswell <matt@openssl.org>
Mon, 8 Jun 2015 08:29:56 +0000 (09:29 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 10 Jun 2015 10:06:05 +0000 (11:06 +0100)
In the event of an error in the HMAC function, leaks can occur because the
HMAC_CTX does not get cleaned up.

Thanks to the BoringSSL project for reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit e43a13c807e42688c72c4f3d001112bf0a110464)

crypto/hmac/hmac.c patch | blob | history

diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 5ca389406bac9e272889f2d15574cf02cfe14df3..15a9a21299157db7614ca7f3941dccb2adf36385 100644 (file)
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -261,6 +261,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
     HMAC_CTX_cleanup(&c);
     return md;
  err:
+    HMAC_CTX_cleanup(&c);
     return NULL;
 }
 
Unnamed repository; edit this file 'description' to name the repository.