public/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix memory leaks in ossl_quic_calculate_retry_integrity_tag()

Browse source 
Fixes #25625

Several error paths return 0 directly instead of going to err to clean
up the objects.

CLA: trivial

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25636)
This commit is contained in:
Niels Dossche 2024-10-08 16:03:13 +02:00 committed by Tomas Mraz
parent 37aa1143c3
commit e8d963594f
1 changed files with 5 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

10
ssl/quic/quic_wire_pkt.c
View file

@ -887,7 +887,7 @@ int ossl_quic_calculate_retry_integrity_tag(OSSL_LIB_CTX *libctx,
if (!WPACKET_get_total_written(&wpkt, &hdr_enc_len)) {
ERR_raise(ERR_LIB_SSL, ERR_R_CRYPTO_LIB);
return 0;
goto err;
}
/* Create and initialise cipher context. */
@ -911,27 +911,27 @@ int ossl_quic_calculate_retry_integrity_tag(OSSL_LIB_CTX *libctx,
/* Feed packet header as AAD data. */
if (EVP_CipherUpdate(cctx, NULL, &l, buf, hdr_enc_len) != 1) {
ERR_raise(ERR_LIB_SSL, ERR_R_EVP_LIB);
return 0;
goto err;
}
/* Feed packet body as AAD data. */
if (EVP_CipherUpdate(cctx, NULL, &l, hdr->data,
hdr->len - QUIC_RETRY_INTEGRITY_TAG_LEN) != 1) {
ERR_raise(ERR_LIB_SSL, ERR_R_EVP_LIB);
return 0;
goto err;
}
/* Finalise and get tag. */
if (EVP_CipherFinal_ex(cctx, NULL, &l2) != 1) {
ERR_raise(ERR_LIB_SSL, ERR_R_EVP_LIB);
return 0;
goto err;
}
if (EVP_CIPHER_CTX_ctrl(cctx, EVP_CTRL_AEAD_GET_TAG,
QUIC_RETRY_INTEGRITY_TAG_LEN,
tag) != 1) {
ERR_raise(ERR_LIB_SSL, ERR_R_EVP_LIB);
return 0;
goto err;
}
ok = 1;