[openssl-commits] [openssl] OpenSSL_1_0_1-stable update
Matt Caswell
matt at openssl.org
Wed Jun 10 10:10:51 UTC 2015
The branch OpenSSL_1_0_1-stable has been updated
via 418df5ea232811dc7339380c1aa5e07c28c6c6dc (commit)
from d163a2cc46709ba31e91887c65d32743913d3db3 (commit)
- Log -----------------------------------------------------------------
commit 418df5ea232811dc7339380c1aa5e07c28c6c6dc
Author: Matt Caswell <matt at openssl.org>
Date: Mon Jun 8 09:29:56 2015 +0100
Fix leak in HMAC error path
In the event of an error in the HMAC function, leaks can occur because the
HMAC_CTX does not get cleaned up.
Thanks to the BoringSSL project for reporting this issue.
Reviewed-by: Richard Levitte <levitte at openssl.org>
(cherry picked from commit e43a13c807e42688c72c4f3d001112bf0a110464)
-----------------------------------------------------------------------
Summary of changes:
crypto/hmac/hmac.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index b1f7317..5925467 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -251,6 +251,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
HMAC_CTX_cleanup(&c);
return md;
err:
+ HMAC_CTX_cleanup(&c);
return NULL;
}
More information about the openssl-commits
mailing list