OpenSSL: Fix a memory leak on crypto_hash_init() error path

The EVP_MAC context data needs to be freed on error paths.

Fixes: e31500adea72 ("OpenSSL: Implement HMAC using the EVP_MAC API")
Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index d4f28fe298b01640fe507a64756dc594edde5a20..212e5adad5d3fa687c483a03c2ea50c622fe395b 100644 (file)
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -1362,21 +1362,22 @@ struct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *key,
 
        ctx = os_zalloc(sizeof(*ctx));
        if (!ctx)
-               return NULL;
+               goto fail;
        ctx->ctx = EVP_MAC_CTX_new(mac);
        if (!ctx->ctx) {
-               EVP_MAC_free(mac);
                os_free(ctx);
-               return NULL;
+               ctx = NULL;
+               goto fail;
        }
 
        if (EVP_MAC_init(ctx->ctx, key, key_len, params) != 1) {
                EVP_MAC_CTX_free(ctx->ctx);
                bin_clear_free(ctx, sizeof(*ctx));
-               EVP_MAC_free(mac);
-               return NULL;
+               ctx = NULL;
+               goto fail;
        }
 
+fail:
        EVP_MAC_free(mac);
        return ctx;
 #else /* OpenSSL version >= 3.0 */