RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2024-12-26 06:32:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

BUG/MINOR: ssl: fix possible ctx memory leak in sample_conv_aes_gcm()

Browse Source 
The issue was introduced with the commit c31499d74 ("MINOR: ssl: Add
aes_gcm_dec converter").

This must be backported to all stable branches where the above converter
is present, but it may need to be adjusted for older branches because of
code refactoring.
This commit is contained in:
Dragan Dosen 2024-03-11 18:10:01 +01:00 committed by Willy Tarreau
parent c03a023882
commit d7610e6dde
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/ssl_sample.c
View File

@ -280,7 +280,7 @@ static int sample_conv_aes_gcm(const struct arg *arg_p, struct sample *smp, void
{
struct sample nonce, key, aead_tag;
struct buffer *smp_trash = NULL, *smp_trash_alloc = NULL;
EVP_CIPHER_CTX *ctx;
EVP_CIPHER_CTX *ctx = NULL;
int size, ret, dec;
smp_trash_alloc = alloc_trash_chunk();
@ -407,11 +407,13 @@ static int sample_conv_aes_gcm(const struct arg *arg_p, struct sample *smp, void
smp_dup(smp);
free_trash_chunk(smp_trash_alloc);
free_trash_chunk(smp_trash);
EVP_CIPHER_CTX_free(ctx);
return 1;
err:
free_trash_chunk(smp_trash_alloc);
free_trash_chunk(smp_trash);
EVP_CIPHER_CTX_free(ctx);
return 0;
}
#endif