[Bug 3661] memory leak with AES128CMAC keys

bk: 5e84aa07N2NcL4sE_0dW35Tizc74SA

diff --git a/ChangeLog b/ChangeLog
index 35d5d36c2faf434a0bbc79ed85afe3473cc63039..52653c39b3c717f7f7257455f3f9c404b064da3e 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,6 @@
+---
+* [Bug 3661] memory leak with AES128CMAC keys <perlinger@ntp.org>
+
 ---
 (4.2.8p14) 2020/03/03 Released by Harlan Stenn <stenn@ntp.org>
 

diff --git a/libntp/a_md5encrypt.c b/libntp/a_md5encrypt.c
index 8c046f4e93c9a1ab83958a68af639b77a961c141..57100de3a86e4cd7722f15e0e23fe9d45f8a046f 100644 (file)
--- a/libntp/a_md5encrypt.c
+++ b/libntp/a_md5encrypt.c
@@ -93,7 +93,7 @@ make_mac(
                }
          cmac_fail:
                if (ctx)
-                       CMAC_CTX_cleanup(ctx);
+                       CMAC_CTX_free(ctx);
        }
        else
 #   endif /*ENABLE_CMAC*/

diff --git a/sntp/crypto.c b/sntp/crypto.c
index 8ffe006f99120c6669a74688855ce5d220dd595d..8a47edef7184ea111485e10a722c9091e26c1166 100644 (file)
--- a/sntp/crypto.c
+++ b/sntp/crypto.c
@@ -70,7 +70,8 @@ compute_mac(
                }
                len = (u_int)slen;
                
-               CMAC_CTX_cleanup(ctx);
+               if (ctx)
+                       CMAC_CTX_free(ctx);
                /* Test our AES-128-CMAC implementation */
                
        } else  /* MD5 MAC handling */