Fix memory leaks on error cases during drbg initializations

author Tomas Mraz <tomas@openssl.org>

Wed, 7 Feb 2024 09:27:50 +0000 (10:27 +0100)

committer Tomas Mraz <tomas@openssl.org>

Fri, 9 Feb 2024 09:37:10 +0000 (10:37 +0100)
author Tomas Mraz <tomas@openssl.org>
Wed, 7 Feb 2024 09:27:50 +0000 (10:27 +0100)
committer Tomas Mraz <tomas@openssl.org>
Fri, 9 Feb 2024 09:37:10 +0000 (10:37 +0100)
diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c

index e30836c53cabbbaf82b2b53fe67bcd0d81e7bc63..09edce8eb44b607679bb96d76ce513022b4b2c0e 100644 (file)
--- a/providers/implementations/rands/drbg.c
+++ b/providers/implementations/rands/drbg.c
@@ -765,6 +765,7 @@ int ossl_drbg_enable_locking(void *vctx)
  PROV_DRBG *ossl_rand_drbg_new
      (void *provctx, void *parent, const OSSL_DISPATCH *p_dispatch,
       int (*dnew)(PROV_DRBG *ctx),
+     void (*dfree)(void *vctx),
       int (*instantiate)(PROV_DRBG *drbg,
                          const unsigned char *entropy, size_t entropylen,
                          const unsigned char *nonce, size_t noncelen,
@@ -844,7 +845,7 @@ PROV_DRBG *ossl_rand_drbg_new
      return drbg;
  
   err:
-    ossl_rand_drbg_free(drbg);
+    dfree(drbg);
      return NULL;
  }
  
diff --git a/providers/implementations/rands/drbg_ctr.c b/providers/implementations/rands/drbg_ctr.c

index 451113c4d16205bf8361aa9d1b736280eab92b26..988a08bf93635c95bbdb2c9a32defbfd4963e1c6 100644 (file)
--- a/providers/implementations/rands/drbg_ctr.c
+++ b/providers/implementations/rands/drbg_ctr.c
@@ -581,7 +581,7 @@ err:
      EVP_CIPHER_CTX_free(ctr->ctx_ecb);
      EVP_CIPHER_CTX_free(ctr->ctx_ctr);
      ctr->ctx_ecb = ctr->ctx_ctr = NULL;
-    return 0;    
+    return 0;
  }
  
  static int drbg_ctr_new(PROV_DRBG *drbg)
@@ -602,7 +602,8 @@ static int drbg_ctr_new(PROV_DRBG *drbg)
  static void *drbg_ctr_new_wrapper(void *provctx, void *parent,
                                     const OSSL_DISPATCH *parent_dispatch)
  {
-    return ossl_rand_drbg_new(provctx, parent, parent_dispatch, &drbg_ctr_new,
+    return ossl_rand_drbg_new(provctx, parent, parent_dispatch,
+                              &drbg_ctr_new, &drbg_ctr_free,
                                &drbg_ctr_instantiate, &drbg_ctr_uninstantiate,
                                &drbg_ctr_reseed, &drbg_ctr_generate);
  }
diff --git a/providers/implementations/rands/drbg_hash.c b/providers/implementations/rands/drbg_hash.c

index 6deb0a29256b2369a37b69b9e76c05f7164e8be0..4acf9a9830e40a8a86890ef101f0d87e3dbd9886 100644 (file)
--- a/providers/implementations/rands/drbg_hash.c
+++ b/providers/implementations/rands/drbg_hash.c
@@ -410,7 +410,8 @@ static int drbg_hash_new(PROV_DRBG *ctx)
  static void *drbg_hash_new_wrapper(void *provctx, void *parent,
                                     const OSSL_DISPATCH *parent_dispatch)
  {
-    return ossl_rand_drbg_new(provctx, parent, parent_dispatch, &drbg_hash_new,
+    return ossl_rand_drbg_new(provctx, parent, parent_dispatch,
+                              &drbg_hash_new, &drbg_hash_free,
                                &drbg_hash_instantiate, &drbg_hash_uninstantiate,
                                &drbg_hash_reseed, &drbg_hash_generate);
  }
diff --git a/providers/implementations/rands/drbg_hmac.c b/providers/implementations/rands/drbg_hmac.c

index e68465a78cd9c13586e8ac405c35c2c79628c963..571f5e6f7a3b5cc45f6e5291d11d3a76cf0a1888 100644 (file)
--- a/providers/implementations/rands/drbg_hmac.c
+++ b/providers/implementations/rands/drbg_hmac.c
@@ -296,7 +296,8 @@ static int drbg_hmac_new(PROV_DRBG *drbg)
  static void *drbg_hmac_new_wrapper(void *provctx, void *parent,
                                     const OSSL_DISPATCH *parent_dispatch)
  {
-    return ossl_rand_drbg_new(provctx, parent, parent_dispatch, &drbg_hmac_new,
+    return ossl_rand_drbg_new(provctx, parent, parent_dispatch,
+                              &drbg_hmac_new, &drbg_hmac_free,
                                &drbg_hmac_instantiate, &drbg_hmac_uninstantiate,
                                &drbg_hmac_reseed, &drbg_hmac_generate);
  }
diff --git a/providers/implementations/rands/drbg_local.h b/providers/implementations/rands/drbg_local.h

index 8bc5df89c2363b11147b82dafb19dcab7c1fd177..a2d1ef53074897e66a6990733d0334cc89a10ddd 100644 (file)
--- a/providers/implementations/rands/drbg_local.h
+++ b/providers/implementations/rands/drbg_local.h
@@ -181,6 +181,7 @@ struct prov_drbg_st {
  PROV_DRBG *ossl_rand_drbg_new
      (void *provctx, void *parent, const OSSL_DISPATCH *parent_dispatch,
       int (*dnew)(PROV_DRBG *ctx),
+     void (*dfree)(void *vctx),
       int (*instantiate)(PROV_DRBG *drbg,
                          const unsigned char *entropy, size_t entropylen,
                          const unsigned char *nonce, size_t noncelen,
author	Tomas Mraz <tomas@openssl.org>
	Wed, 7 Feb 2024 09:27:50 +0000 (10:27 +0100)
committer	Tomas Mraz <tomas@openssl.org>
	Fri, 9 Feb 2024 09:37:10 +0000 (10:37 +0100)
providers/implementations/rands/drbg.c		patch \| blob \| blame \| history
providers/implementations/rands/drbg_ctr.c		patch \| blob \| blame \| history
providers/implementations/rands/drbg_hash.c		patch \| blob \| blame \| history
providers/implementations/rands/drbg_hmac.c		patch \| blob \| blame \| history
providers/implementations/rands/drbg_local.h		patch \| blob \| blame \| history