diff options
| author | Daiki Ueno <ueno@gnu.org> | 2020-06-02 05:38:28 +0200 |
|---|---|---|
| committer | Daiki Ueno <ueno@gnu.org> | 2020-06-02 05:44:08 +0200 |
| commit | d86e7ab5a6b4723a87298e4c56b0c0edc9391ab4 (patch) | |
| tree | 495e1fb001f76549e1d19ada023349a6e7815ee5 | |
| parent | 6e79dc3811c0fabb65786c5c217322bf97e9883d (diff) | |
| download | gnutls-tmp-aead-init-leak.tar.gz | |
gnutls_cipher_init: fix potential memleaktmp-aead-init-leak
Upon failure this function returns without freeing memory allocated
internally. This makes sure that it is released and do not touch the
output handle argument.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
| -rw-r--r-- | lib/crypto-api.c | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/lib/crypto-api.c b/lib/crypto-api.c index 311c819a32..a815379e87 100644 --- a/lib/crypto-api.c +++ b/lib/crypto-api.c @@ -70,20 +70,30 @@ gnutls_cipher_init(gnutls_cipher_hd_t * handle, if (e == NULL || (e->flags & GNUTLS_CIPHER_FLAG_ONLY_AEAD)) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); - *handle = gnutls_calloc(1, sizeof(api_cipher_hd_st)); - if (*handle == NULL) { + h = gnutls_calloc(1, sizeof(api_cipher_hd_st)); + if (h == NULL) { gnutls_assert(); return GNUTLS_E_MEMORY_ERROR; } - h = *handle; ret = _gnutls_cipher_init(&h->ctx_enc, e, key, iv, 1); + if (ret < 0) { + gnutls_free(h); + return ret; + } - if (ret >= 0 && _gnutls_cipher_type(e) == CIPHER_BLOCK) + if (_gnutls_cipher_type(e) == CIPHER_BLOCK) { ret = _gnutls_cipher_init(&h->ctx_dec, e, key, iv, 0); + if (ret < 0) { + gnutls_free(h); + return ret; + } + } + + *handle = h; return ret; } |