From 2714486d89be441630b3344b1f4f4be6c3f37ba5 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 23 Jul 2025 16:50:22 +0200
Subject: [PATCH] hmac: return error if init fails

They can actually happen in OOM situtations.

Reported-by: Philippe Antoine
Closes #18008
---
 lib/hmac.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/lib/hmac.c b/lib/hmac.c
index 3af1f292da..5e7dd0df0c 100644
--- a/lib/hmac.c
+++ b/lib/hmac.c
@@ -73,7 +73,8 @@ Curl_HMAC_init(const struct HMAC_params *hashparams,
 
   /* If the key is too long, replace it by its hash digest. */
   if(keylen > hashparams->maxkeylen) {
-    hashparams->hinit(ctxt->hashctxt1);
+    if(hashparams->hinit(ctxt->hashctxt1))
+      return NULL;
     hashparams->hupdate(ctxt->hashctxt1, key, keylen);
     hkey = (unsigned char *) ctxt->hashctxt2 + hashparams->ctxtsize;
     hashparams->hfinal(hkey, ctxt->hashctxt1);
@@ -82,8 +83,9 @@ Curl_HMAC_init(const struct HMAC_params *hashparams,
   }
 
   /* Prime the two hash contexts with the modified key. */
-  hashparams->hinit(ctxt->hashctxt1);
-  hashparams->hinit(ctxt->hashctxt2);
+  if(hashparams->hinit(ctxt->hashctxt1) ||
+     hashparams->hinit(ctxt->hashctxt2))
+    return NULL;
 
   for(i = 0; i < keylen; i++) {
     b = (unsigned char)(*key ^ hmac_ipad);
-- 
2.47.2