[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Matt Caswell matt at openssl.org
Wed Jun 10 10:10:39 UTC 2015

The branch OpenSSL_1_0_2-stable has been updated
       via  3e8f9dc1a07df10dd52544efa269628744a40173 (commit)
      from  7cb79c7afb043e80eb9a4f7ff36f5a7a80cdd8c9 (commit)

- Log -----------------------------------------------------------------
commit 3e8f9dc1a07df10dd52544efa269628744a40173
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Jun 8 09:29:56 2015 +0100

    Fix leak in HMAC error path
    In the event of an error in the HMAC function, leaks can occur because the
    HMAC_CTX does not get cleaned up.
    Thanks to the BoringSSL project for reporting this issue.
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (cherry picked from commit e43a13c807e42688c72c4f3d001112bf0a110464)


Summary of changes:
 crypto/hmac/hmac.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 5ca3894..15a9a21 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -261,6 +261,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
     return md;
+    HMAC_CTX_cleanup(&c);
     return NULL;

More information about the openssl-commits mailing list