Merge branch 'tmp-aead-init-leak' into 'master'

gnutls_aead_cipher_init: fix potential memleak

Closes #1010

See merge request gnutls/gnutls!1274

1 files changed, 25 insertions, 8 deletions

diff --git a/lib/crypto-api.c b/lib/crypto-api.c
index 45be64ed1f..a815379e87 100644
--- a/lib/crypto-api.c
+++ b/lib/crypto-api.c
@@ -70,20 +70,30 @@ gnutls_cipher_init(gnutls_cipher_hd_t * handle,
 	if (e == NULL || (e->flags & GNUTLS_CIPHER_FLAG_ONLY_AEAD))
 		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
 
-	*handle = gnutls_calloc(1, sizeof(api_cipher_hd_st));
-	if (*handle == NULL) {
+	h = gnutls_calloc(1, sizeof(api_cipher_hd_st));
+	if (h == NULL) {
 		gnutls_assert();
 		return GNUTLS_E_MEMORY_ERROR;
 	}
 
-	h = *handle;
 	ret =
 	    _gnutls_cipher_init(&h->ctx_enc, e, key,
 				iv, 1);
+	if (ret < 0) {
+		gnutls_free(h);
+		return ret;
+	}
 
-	if (ret >= 0 && _gnutls_cipher_type(e) == CIPHER_BLOCK)
+	if (_gnutls_cipher_type(e) == CIPHER_BLOCK) {
 		ret =
 		    _gnutls_cipher_init(&h->ctx_dec, e, key, iv, 0);
+		if (ret < 0) {
+			gnutls_free(h);
+			return ret;
+		}
+	}
+
+	*handle = h;
 
 	return ret;
 }
@@ -755,6 +765,7 @@ int gnutls_aead_cipher_init(gnutls_aead_cipher_hd_t *handle,
 {
 	api_aead_cipher_hd_st *h;
 	const cipher_entry_st *e;
+	int ret;
 
 	if (is_cipher_algo_forbidden(cipher))
 		return gnutls_assert_val(GNUTLS_E_UNWANTED_ALGORITHM);
@@ -763,15 +774,21 @@ int gnutls_aead_cipher_init(gnutls_aead_cipher_hd_t *handle,
 	if (e == NULL || e->type != CIPHER_AEAD)
 		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
 
-	*handle = gnutls_calloc(1, sizeof(api_aead_cipher_hd_st));
-	if (*handle == NULL) {
+	h = gnutls_calloc(1, sizeof(api_aead_cipher_hd_st));
+	if (h == NULL) {
 		gnutls_assert();
 		return GNUTLS_E_MEMORY_ERROR;
 	}
 
-	h = *handle;
+	ret = _gnutls_aead_cipher_init(h, cipher, key);
+	if (ret < 0) {
+		gnutls_free(h);
+		return ret;
+	}
+
+	*handle = h;
 
-	return _gnutls_aead_cipher_init(h, cipher, key);
+	return ret;
 }
 
 /**