From 19b87d2d2b022c20dd9043c3b6d021315011b45f Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Tue, 20 Aug 2024 11:35:20 +0200
Subject: [PATCH] s390x: Fix memory leak in s390x_HMAC_CTX_copy()

When s390x_HMAC_CTX_copy() is called, but the destination context already
has a buffer allocated, it is not freed before duplicating the buffer from
the source context.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25238)
---
 crypto/hmac/hmac_s390x.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/crypto/hmac/hmac_s390x.c b/crypto/hmac/hmac_s390x.c
index 1124d9bc5d7..8b0da0d59d1 100644
--- a/crypto/hmac/hmac_s390x.c
+++ b/crypto/hmac/hmac_s390x.c
@@ -263,6 +263,7 @@ int s390x_HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
     memcpy(&dctx->plat.s390x.param, &sctx->plat.s390x.param,
            sizeof(dctx->plat.s390x.param));
 
+    OPENSSL_clear_free(dctx->plat.s390x.buf, dctx->plat.s390x.size);
     dctx->plat.s390x.buf = NULL;
     if (sctx->plat.s390x.buf != NULL) {
         dctx->plat.s390x.buf = OPENSSL_memdup(sctx->plat.s390x.buf,
-- 
2.47.2