[openssl/openssl] 7c45b7: Coverity 1522032: use after free

Pauli noreply at github.com
Mon Mar 20 22:02:26 UTC 2023


  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 7c45b7cbb04e297c3342fcc50bf7b0a9e36df1dd
      https://github.com/openssl/openssl/commit/7c45b7cbb04e297c3342fcc50bf7b0a9e36df1dd
  Author: Pauli <pauli at openssl.org>
  Date:   2023-03-21 (Tue, 21 Mar 2023)

  Changed paths:
    M providers/implementations/kdfs/argon2.c

  Log Message:
  -----------
  Coverity 1522032: use after free

Fix use after free error.

Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove at arm.com>
(Merged from https://github.com/openssl/openssl/pull/20528)


  Commit: 6ec3d3125f76aa9f11c133333f868c42b9b585c4
      https://github.com/openssl/openssl/commit/6ec3d3125f76aa9f11c133333f868c42b9b585c4
  Author: Pauli <pauli at openssl.org>
  Date:   2023-03-21 (Tue, 21 Mar 2023)

  Changed paths:
    M providers/implementations/kdfs/argon2.c

  Log Message:
  -----------
  Avoid freeing context on error

Freeing the allocated KDF context seems wrong when derive errors.

Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove at arm.com>
(Merged from https://github.com/openssl/openssl/pull/20528)


Compare: https://github.com/openssl/openssl/compare/c9c99018a887...6ec3d3125f76


More information about the openssl-commits mailing list