[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH] libcrypto: fix resource leak in hmac_final
[Thread Prev] | [Thread Next]
- Subject: [PATCH] libcrypto: fix resource leak in hmac_final
- From: Jon Simons <jon@xxxxxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Wed, 12 Jul 2017 15:25:17 -0700
- To: libssh@xxxxxxxxxx
From fbeb19685a19cf72bdc02cabfc0dfe543cee301a Mon Sep 17 00:00:00 2001
From: Jon Simons <jon@xxxxxxxxxxxxx>
Date: Mon, 10 Jul 2017 17:20:42 -0400
Subject: [PATCH] libcrypto: fix resource leak in hmac_final
Fix a resource leak in `hmac_final`: say `HMAC_CTX_free` instead
of `HMAC_CTX_reset`. This matches the error handling as done in
`hmac_init`. Introduced with cf1e808e2ffa1f26644fb5d2cb82a919f323deba.
The problem is reproducible running the `pkd_hello` test with:
valgrind --leak-check=full ./pkd_hello -i1 -t torture_pkd_openssh_dsa_rsa_default
Resolves https://red.libssh.org/issues/252.
Signed-off-by: Jon Simons <jon@xxxxxxxxxxxxx>
---
src/libcrypto.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/libcrypto.c b/src/libcrypto.c
index 867bf227..3bed5042 100644
--- a/src/libcrypto.c
+++ b/src/libcrypto.c
@@ -422,7 +422,8 @@ void hmac_final(HMACCTX ctx, unsigned char *hashmacbuf, unsigned int *len) {
HMAC_Final(ctx,hashmacbuf,len);
#ifndef OLD_CRYPTO
- HMAC_CTX_reset(ctx);
+ HMAC_CTX_free(ctx);
+ ctx = NULL;
#else
HMAC_cleanup(ctx);
#endif
--
2.13.2
Archive administrator: postmaster@lists.cynapses.org