
Merge pull request #5514 from julek-wolfssl/wolfSSL_EVP_MD_CTX_copy_ex-leak

Cleanup output object in wolfSSL_EVP_MD_CTX_copy_ex before copy
David Garske 2 anos atrás
pai
commit
e88bd66501
2 arquivos alterados com 7 adições e 0 exclusões
  1. 5 0
      tests/api.c
  2. 2 0
      wolfcrypt/src/evp.c

+ 5 - 0
tests/api.c

@@ -33384,6 +33384,7 @@ static int test_wolfSSL_EVP_MD_rsa_signing(void)
     WOLFSSL_EVP_PKEY_CTX* keyCtx;
     const char testData[] = "Hi There";
     WOLFSSL_EVP_MD_CTX mdCtx;
+    WOLFSSL_EVP_MD_CTX mdCtxCopy;
     size_t checkSz = -1;
     int sz = 2048 / 8;
     const unsigned char* cp;
@@ -33408,6 +33409,7 @@ static int test_wolfSSL_EVP_MD_rsa_signing(void)
                                                sizeof_client_keypub_der_2048)));
 
     wolfSSL_EVP_MD_CTX_init(&mdCtx);
+    wolfSSL_EVP_MD_CTX_init(&mdCtxCopy);
     AssertIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
                                                              NULL, privKey), 1);
     AssertIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData,
@@ -33416,6 +33418,9 @@ static int test_wolfSSL_EVP_MD_rsa_signing(void)
     AssertIntEQ((int)checkSz, sz);
     AssertIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
     AssertIntEQ((int)checkSz,sz);
+    AssertIntEQ(wolfSSL_EVP_MD_CTX_copy_ex(&mdCtxCopy, &mdCtx), 1);
+    AssertIntEQ(wolfSSL_EVP_MD_CTX_copy_ex(&mdCtxCopy, &mdCtx), 1);
+    AssertIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtxCopy), 1);
     AssertIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
 
     wolfSSL_EVP_MD_CTX_init(&mdCtx);
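Review bot: The two back-to-back `wolfSSL_EVP_MD_CTX_copy_ex(&mdCtxCopy, &mdCtx)` calls in the third hunk assert only the return value, so the leak this commit addresses is presumably visible only when the suite runs under a leak checker such as valgrind or AddressSanitizer. A comment would make the intent explicit, for example `/* copy twice: the second call must release what the first copy allocated (leak shows under ASan/valgrind) */`. The copy is also taken after `wolfSSL_EVP_DigestSignFinal`, and nothing checks that the copied context is usable, so a copy that succeeds but carries stale state would go unnoticed. test_wolfSSL_EVP_MD_rsa_signing starts and ends outside these hunks.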

+ 2 - 0
wolfcrypt/src/evp.c

@@ -3551,6 +3551,7 @@ static int wolfssl_evp_digest_pk_final(WOLFSSL_EVP_MD_CTX *ctx,
     }
     else {
         WOLFSSL_EVP_MD_CTX ctxCopy;
+        wolfSSL_EVP_MD_CTX_init(&ctxCopy);
 
         if (wolfSSL_EVP_MD_CTX_copy_ex(&ctxCopy, ctx) != WOLFSSL_SUCCESS)
             return WOLFSSL_FAILURE;
@@ -4882,6 +4883,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
     {
         if ((out == NULL) || (in == NULL)) return WOLFSSL_FAILURE;
         WOLFSSL_ENTER("EVP_CIPHER_MD_CTX_copy_ex");
+        wolfSSL_EVP_MD_CTX_cleanup(out);
         XMEMCPY(out, in, sizeof(WOLFSSL_EVP_MD_CTX));
         if (in->pctx != NULL) {
             out->pctx = wolfSSL_EVP_PKEY_CTX_new(in->pctx->pkey, NULL);
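Review bot: The added `wolfSSL_EVP_MD_CTX_cleanup(out);` in the second hunk makes it a precondition that `out` was initialised before the call; if cleanup releases pointers held in the context (not visible here), a caller that passes an uninitialised stack `WOLFSSL_EVP_MD_CTX` now hands it indeterminate pointers. The first hunk fixes that for `wolfssl_evp_digest_pk_final`, but other callers in the library and in applications are not covered by this diff and should be audited, and the requirement documented above the function, e.g. `/* out must have been set up with wolfSSL_EVP_MD_CTX_init(); its previous contents are released before the copy. */`. The `out == in` case also deserves a guard ahead of the cleanup, since cleaning `out` would then wipe the source before the `XMEMCPY`; `if (out == in) return WOLFSSL_SUCCESS;` is one option if that matches the intended semantics. The function's signature and the rest of its body are outside the hunk.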