[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

Rich Salz rsalz at openssl.org
Wed Mar 1 01:02:40 UTC 2017


The branch OpenSSL_1_1_0-stable has been updated
       via  0adaabf6cd9ef104468edd353d721cd2d7afca5e (commit)
      from  027211787a0388bae578f153e7b15b4eb30f352e (commit)


- Log -----------------------------------------------------------------
commit 0adaabf6cd9ef104468edd353d721cd2d7afca5e
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Tue Feb 28 16:09:53 2017 -0600

    Don't free in cleanup routine
    
    Cleanse instead, and free in the free routine.
    
    Seems to have been introduced in commit
    846ec07d904f9cc81d486db0db14fb84f61ff6e5 when EVP_CIPHER_CTX was made
    opaque.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/2798)
    (cherry picked from commit 5c6c4c5c333c8ac469e53521cf747ff527b8813a)

-----------------------------------------------------------------------

Summary of changes:
 crypto/cmac/cmac.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/crypto/cmac/cmac.c b/crypto/cmac/cmac.c
index c4f13a0..0f4ca26 100644
--- a/crypto/cmac/cmac.c
+++ b/crypto/cmac/cmac.c
@@ -60,7 +60,7 @@ CMAC_CTX *CMAC_CTX_new(void)
 
 void CMAC_CTX_cleanup(CMAC_CTX *ctx)
 {
-    EVP_CIPHER_CTX_free(ctx->cctx);
+    EVP_CIPHER_CTX_cleanup(ctx->cctx);
     OPENSSL_cleanse(ctx->tbl, EVP_MAX_BLOCK_LENGTH);
     OPENSSL_cleanse(ctx->k1, EVP_MAX_BLOCK_LENGTH);
     OPENSSL_cleanse(ctx->k2, EVP_MAX_BLOCK_LENGTH);
@@ -78,6 +78,7 @@ void CMAC_CTX_free(CMAC_CTX *ctx)
     if (!ctx)
         return;
     CMAC_CTX_cleanup(ctx);
+    EVP_CIPHER_CTX_free(ctx->cctx);
     OPENSSL_free(ctx);
 }
 


More information about the openssl-commits mailing list