Avoid memory leak in hmac_ctx_new (OpenSSL 3.0 only)

In OpenSSL 3.0, fetched algorithms must be freed (down referenced). In this case, though EVP_MAC_CTX_new() keeps a reference to 'hmac', it up-refs it. So we have to free it here before return. (Tested using an enable-asan build). Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Arne Schwabe <arne@rfc2549.org> Message-Id: <20211030185756.1831-1-selva.nair@gmail.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23080.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
author: Selva Nair 2021-10-30 14:57:56 -0400
committer: Gert Doering 2021-11-05 16:12:09 +0100
commit: 31e200f807033ac27566bf37a8d9d32820600a83 (patch)
tree: 25cf9916d1488f49ff3ca1e241f89ab0a62e77b2 /src/openvpn/crypto_openssl.c
parent: f1dd638ca6acf35f0913f4e3d66451a70891c3de (diff)
download: openvpn-31e200f807033ac27566bf37a8d9d32820600a83.zip
openvpn-31e200f807033ac27566bf37a8d9d32820600a83.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c
index c43d18b..8e29a77 100644
--- a/src/openvpn/crypto_openssl.c
+++ b/src/openvpn/crypto_openssl.c
@@ -1097,6 +1097,9 @@ hmac_ctx_new(void)
     EVP_MAC *hmac = EVP_MAC_fetch(NULL, "HMAC", NULL);
     ctx->ctx = EVP_MAC_CTX_new(hmac);
     check_malloc_return(ctx->ctx);
+
+    EVP_MAC_free(hmac);
+
     return ctx;
 }
author	Selva Nair	2021-10-30 14:57:56 -0400
committer	Gert Doering	2021-11-05 16:12:09 +0100
commit	31e200f807033ac27566bf37a8d9d32820600a83 (patch)
tree	25cf9916d1488f49ff3ca1e241f89ab0a62e77b2 /src/openvpn/crypto_openssl.c
parent	f1dd638ca6acf35f0913f4e3d66451a70891c3de (diff)
download	openvpn-31e200f807033ac27566bf37a8d9d32820600a83.zip openvpn-31e200f807033ac27566bf37a8d9d32820600a83.tar.gz