[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

Matt Caswell matt at openssl.org
Wed Jun 10 10:10:51 UTC 2015


The branch OpenSSL_1_0_1-stable has been updated
       via  418df5ea232811dc7339380c1aa5e07c28c6c6dc (commit)
      from  d163a2cc46709ba31e91887c65d32743913d3db3 (commit)


- Log -----------------------------------------------------------------
commit 418df5ea232811dc7339380c1aa5e07c28c6c6dc
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Jun 8 09:29:56 2015 +0100

    Fix leak in HMAC error path
    
    In the event of an error in the HMAC function, leaks can occur because the
    HMAC_CTX does not get cleaned up.
    
    Thanks to the BoringSSL project for reporting this issue.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (cherry picked from commit e43a13c807e42688c72c4f3d001112bf0a110464)

-----------------------------------------------------------------------

Summary of changes:
 crypto/hmac/hmac.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index b1f7317..5925467 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -251,6 +251,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
     HMAC_CTX_cleanup(&c);
     return md;
  err:
+    HMAC_CTX_cleanup(&c);
     return NULL;
 }
 


More information about the openssl-commits mailing list