diff options
author | Daiki Ueno <ueno@gnu.org> | 2020-06-02 05:38:28 +0200 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2020-08-31 08:06:03 +0200 |
commit | 188e8ca7ba62d35e0808b48ca9a9712511694d7d (patch) | |
tree | 2bf2567eca7c84a8372c158db15f47dc072a6996 | |
parent | b875af8d74fef8fd63704628c4818546765492fd (diff) | |
download | gnutls-188e8ca7ba62d35e0808b48ca9a9712511694d7d.tar.gz |
gnutls_cipher_init: fix potential memleak
Upon failure this function returns without freeing memory allocated
internally. This makes sure that it is released and do not touch the
output handle argument.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
-rw-r--r-- | lib/crypto-api.c | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/lib/crypto-api.c b/lib/crypto-api.c index f289ebcd03..caf8d713a3 100644 --- a/lib/crypto-api.c +++ b/lib/crypto-api.c @@ -70,20 +70,30 @@ gnutls_cipher_init(gnutls_cipher_hd_t * handle, if (e == NULL || (e->flags & GNUTLS_CIPHER_FLAG_ONLY_AEAD)) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); - *handle = gnutls_calloc(1, sizeof(api_cipher_hd_st)); - if (*handle == NULL) { + h = gnutls_calloc(1, sizeof(api_cipher_hd_st)); + if (h == NULL) { gnutls_assert(); return GNUTLS_E_MEMORY_ERROR; } - h = *handle; ret = _gnutls_cipher_init(&h->ctx_enc, e, key, iv, 1); + if (ret < 0) { + gnutls_free(h); + return ret; + } - if (ret >= 0 && _gnutls_cipher_type(e) == CIPHER_BLOCK) + if (_gnutls_cipher_type(e) == CIPHER_BLOCK) { ret = _gnutls_cipher_init(&h->ctx_dec, e, key, iv, 0); + if (ret < 0) { + gnutls_free(h); + return ret; + } + } + + *handle = h; return ret; } |