From: Tomas Mraz
Date: Wed, 7 Feb 2024 09:27:50 +0000 (+0100)
Subject: Fix memory leaks on error cases during drbg initializations
X-Git-Tag: openssl-3.1.6~107
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=30cc769fa3220006b7e41bfd620e8c534dccf32f;p=thirdparty%2Fopenssl.git
Fix memory leaks on error cases during drbg initializations
Reviewed-by: Matt Caswell
Reviewed-by: Tom Cosgrove
(Merged from https://github.com/openssl/openssl/pull/23503)
(cherry picked from commit cb4f7a6ee053e8c51cf3ac35fee333d1f25552c0)
---
diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c
index ea55363bf80..a5d97257567 100644
--- a/providers/implementations/rands/drbg.c
+++ b/providers/implementations/rands/drbg.c
@@ -760,6 +760,7 @@ int ossl_drbg_enable_locking(void *vctx)
 PROV_DRBG *ossl_rand_drbg_new
 (void *provctx, void *parent, const OSSL_DISPATCH *p_dispatch,
 int (*dnew)(PROV_DRBG *ctx),
+ void (*dfree)(void *vctx),
 int (*instantiate)(PROV_DRBG *drbg,
 const unsigned char *entropy, size_t entropylen,
 const unsigned char *nonce, size_t noncelen,
@@ -839,7 +840,7 @@ PROV_DRBG *ossl_rand_drbg_new
 return drbg;
 err:
- ossl_rand_drbg_free(drbg);
+ dfree(drbg);
 return NULL;
 }
diff --git a/providers/implementations/rands/drbg_ctr.c b/providers/implementations/rands/drbg_ctr.c
index 451113c4d16..988a08bf936 100644
--- a/providers/implementations/rands/drbg_ctr.c
+++ b/providers/implementations/rands/drbg_ctr.c
@@ -581,7 +581,7 @@ err:
 EVP_CIPHER_CTX_free(ctr->ctx_ecb);
 EVP_CIPHER_CTX_free(ctr->ctx_ctr);
 ctr->ctx_ecb = ctr->ctx_ctr = NULL;
- return 0;
+ return 0;
 }
 static int drbg_ctr_new(PROV_DRBG *drbg)
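Review bot: In the `err:` path of ossl_rand_drbg_new (second hunk of drbg.c) `dfree(drbg)` is now called unconditionally, and nothing in the patch documents what that callback has to tolerate or guarantee. Judging by the commit title this path is reached when initialisation fails part-way, so each dfree presumably has to accept a partially constructed PROV_DRBG and has to release the base object itself, since `ossl_rand_drbg_free(drbg)` is no longer called here; the bodies of drbg_ctr_free, drbg_hash_free and drbg_hmac_free are outside the visible hunks and should be checked against that. I would state the contract at the prototype in drbg_local.h, for example `/* dfree is mandatory: it must cope with a partially initialised drbg and must free the PROV_DRBG itself */`. The body of ossl_rand_drbg_new starts and ends outside these hunks, so whether `drbg` can reach `err:` before `dnew` has run cannot be told from here.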
@@ -602,7 +602,8 @@ static int drbg_ctr_new(PROV_DRBG *drbg)
 static void *drbg_ctr_new_wrapper(void *provctx, void *parent,
 const OSSL_DISPATCH *parent_dispatch)
 {
- return ossl_rand_drbg_new(provctx, parent, parent_dispatch, &drbg_ctr_new,
+ return ossl_rand_drbg_new(provctx, parent, parent_dispatch,
+ &drbg_ctr_new, &drbg_ctr_free,
 &drbg_ctr_instantiate, &drbg_ctr_uninstantiate,
 &drbg_ctr_reseed, &drbg_ctr_generate);
 }
diff --git a/providers/implementations/rands/drbg_hash.c b/providers/implementations/rands/drbg_hash.c
index fb824abfa65..70f0a384e53 100644
--- a/providers/implementations/rands/drbg_hash.c
+++ b/providers/implementations/rands/drbg_hash.c
@@ -410,7 +410,8 @@ static int drbg_hash_new(PROV_DRBG *ctx)
 static void *drbg_hash_new_wrapper(void *provctx, void *parent,
 const OSSL_DISPATCH *parent_dispatch)
 {
- return ossl_rand_drbg_new(provctx, parent, parent_dispatch, &drbg_hash_new,
+ return ossl_rand_drbg_new(provctx, parent, parent_dispatch,
+ &drbg_hash_new, &drbg_hash_free,
 &drbg_hash_instantiate, &drbg_hash_uninstantiate,
 &drbg_hash_reseed, &drbg_hash_generate);
 }
diff --git a/providers/implementations/rands/drbg_hmac.c b/providers/implementations/rands/drbg_hmac.c
index 664a074639c..8e9c40ecc29 100644
--- a/providers/implementations/rands/drbg_hmac.c
+++ b/providers/implementations/rands/drbg_hmac.c
@@ -296,7 +296,8 @@ static int drbg_hmac_new(PROV_DRBG *drbg)
 static void *drbg_hmac_new_wrapper(void *provctx, void *parent,
 const OSSL_DISPATCH *parent_dispatch)
 {
- return ossl_rand_drbg_new(provctx, parent, parent_dispatch, &drbg_hmac_new,
+ return ossl_rand_drbg_new(provctx, parent, parent_dispatch,
+ &drbg_hmac_new, &drbg_hmac_free,
 &drbg_hmac_instantiate, &drbg_hmac_uninstantiate,
 &drbg_hmac_reseed, &drbg_hmac_generate);
 }
diff --git a/providers/implementations/rands/drbg_local.h b/providers/implementations/rands/drbg_local.h
index 3b5417b43b9..c02a4cf79a0 100644
--- a/providers/implementations/rands/drbg_local.h
+++ b/providers/implementations/rands/drbg_local.h
@@ -176,6 +176,7 @@ struct prov_drbg_st {
 PROV_DRBG *ossl_rand_drbg_new
 (void *provctx, void *parent, const OSSL_DISPATCH *parent_dispatch,
 int (*dnew)(PROV_DRBG *ctx),
+ void (*dfree)(void *vctx),
 int (*instantiate)(PROV_DRBG *drbg,
 const unsigned char *entropy, size_t entropylen,
 const unsigned char *nonce, size_t noncelen,