From f9cd1327adf723035d5b2d73e41fc8b9e865ccbd Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Wed, 8 May 2019 12:16:03 +0300 Subject: [PATCH] OpenSSL: Fix memory leak in crypto_ecdh_init() ec_params needs to be freed before returning from the function. Extension of this function to support BoringSSL introduced this memory leak and that was later extended to be the only variant and apply to OpenSSL and LibreSSL cases as well in commit c23e87d0d12d ("OpenSSL: Replace EVP_PKEY_paramgen() with EC_KEY_new_by_curve_name()"). Fixes: f29761297b84 ("BoringSSL: Implement crypto_ecdh_init()") Signed-off-by: Jouni Malinen --- src/crypto/crypto_openssl.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index 228aa4bfa..633199099 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c @@ -1880,7 +1880,7 @@ struct crypto_ecdh * crypto_ecdh_init(int group) { struct crypto_ecdh *ecdh; EVP_PKEY *params = NULL; - EC_KEY *ec_params; + EC_KEY *ec_params = NULL; EVP_PKEY_CTX *kctx = NULL; ecdh = os_zalloc(sizeof(*ecdh)); @@ -1923,6 +1923,7 @@ struct crypto_ecdh * crypto_ecdh_init(int group) } done: + EC_KEY_free(ec_params); EVP_PKEY_free(params); EVP_PKEY_CTX_free(kctx);