[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Matt Caswell
matt at openssl.org
Wed Jun 10 10:10:39 UTC 2015
The branch OpenSSL_1_0_2-stable has been updated
via 3e8f9dc1a07df10dd52544efa269628744a40173 (commit)
from 7cb79c7afb043e80eb9a4f7ff36f5a7a80cdd8c9 (commit)
- Log -----------------------------------------------------------------
commit 3e8f9dc1a07df10dd52544efa269628744a40173
Author: Matt Caswell <matt at openssl.org>
Date: Mon Jun 8 09:29:56 2015 +0100
Fix leak in HMAC error path
In the event of an error in the HMAC function, leaks can occur because the
HMAC_CTX does not get cleaned up.
Thanks to the BoringSSL project for reporting this issue.
Reviewed-by: Richard Levitte <levitte at openssl.org>
(cherry picked from commit e43a13c807e42688c72c4f3d001112bf0a110464)
-----------------------------------------------------------------------
Summary of changes:
crypto/hmac/hmac.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 5ca3894..15a9a21 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -261,6 +261,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
HMAC_CTX_cleanup(&c);
return md;
err:
+ HMAC_CTX_cleanup(&c);
return NULL;
}
More information about the openssl-commits
mailing list