[openssl] OpenSSL_1_1_1-stable update

bernd.edlinger at hotmail.de bernd.edlinger at hotmail.de
Wed Oct 6 13:11:30 UTC 2021


The branch OpenSSL_1_1_1-stable has been updated
       via  2fd9c433712a08474af071cef538ffcd94dc4b57 (commit)
      from  1be120ac5bf613a7277250b6e73f3c60adad4517 (commit)


- Log -----------------------------------------------------------------
commit 2fd9c433712a08474af071cef538ffcd94dc4b57
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date:   Mon Oct 4 19:45:19 2021 +0200

    Fix a memory leak in the afalg engine
    
    Fixes: #16743
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16744)
    
    (cherry picked from commit 6f6a5e0c7c41b6b3639e51f435cd98bb3ae061bc)

-----------------------------------------------------------------------

Summary of changes:
 engines/e_afalg.c |  7 ++-----
 test/afalgtest.c  | 42 +++++++++++++++++++-----------------------
 2 files changed, 21 insertions(+), 28 deletions(-)

diff --git a/engines/e_afalg.c b/engines/e_afalg.c
index 4b17228461..ccf838a9ea 100644
--- a/engines/e_afalg.c
+++ b/engines/e_afalg.c
@@ -624,11 +624,8 @@ static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx)
     }
 
     actx = (afalg_ctx *) EVP_CIPHER_CTX_get_cipher_data(ctx);
-    if (actx == NULL || actx->init_done != MAGIC_INIT_NUM) {
-        ALG_WARN("%s afalg ctx passed\n",
-                 ctx == NULL ? "NULL" : "Uninitialised");
-        return 0;
-    }
+    if (actx == NULL || actx->init_done != MAGIC_INIT_NUM)
+        return 1;
 
     close(actx->sfd);
     close(actx->bfd);
diff --git a/test/afalgtest.c b/test/afalgtest.c
index adb2977f30..0bd5653dba 100644
--- a/test/afalgtest.c
+++ b/test/afalgtest.c
@@ -21,26 +21,7 @@
 
 #ifndef OPENSSL_NO_ENGINE
 static ENGINE *e;
-#endif
-
 
-#ifndef OPENSSL_NO_AFALGENG
-# include <linux/version.h>
-# define K_MAJ   4
-# define K_MIN1  1
-# define K_MIN2  0
-# if LINUX_VERSION_CODE < KERNEL_VERSION(K_MAJ, K_MIN1, K_MIN2)
-/*
- * If we get here then it looks like there is a mismatch between the linux
- * headers and the actual kernel version, so we have tried to compile with
- * afalg support, but then skipped it in e_afalg.c. As far as this test is
- * concerned we behave as if we had been configured without support
- */
-#  define OPENSSL_NO_AFALGENG
-# endif
-#endif
-
-#ifndef OPENSSL_NO_AFALGENG
 static int test_afalg_aes_cbc(int keysize_idx)
 {
     EVP_CIPHER_CTX *ctx;
@@ -112,9 +93,25 @@ static int test_afalg_aes_cbc(int keysize_idx)
     EVP_CIPHER_CTX_free(ctx);
     return ret;
 }
-#endif
 
-#ifndef OPENSSL_NO_ENGINE
+static int test_pr16743(void)
+{
+    int ret = 0;
+    const EVP_CIPHER * cipher;
+    EVP_CIPHER_CTX *ctx;
+
+    if (!TEST_true(ENGINE_init(e)))
+        return 0;
+    cipher = ENGINE_get_cipher(e, NID_aes_128_cbc);
+    ctx = EVP_CIPHER_CTX_new();
+    if (cipher != NULL && ctx != NULL)
+        ret = EVP_EncryptInit_ex(ctx, cipher, e, NULL, NULL);
+    TEST_true(ret);
+    EVP_CIPHER_CTX_free(ctx);
+    ENGINE_finish(e);
+    return ret;
+}
+
 int global_init(void)
 {
     ENGINE_load_builtin_engines();
@@ -132,9 +129,8 @@ int setup_tests(void)
         /* Probably a platform env issue, not a test failure. */
         TEST_info("Can't load AFALG engine");
     } else {
-# ifndef OPENSSL_NO_AFALGENG
         ADD_ALL_TESTS(test_afalg_aes_cbc, 3);
-# endif
+        ADD_TEST(test_pr16743);
     }
 #endif
 


More information about the openssl-commits mailing list