ThePassionate commented on PR #18608:
URL: https://github.com/apache/nuttx/pull/18608#issuecomment-4132006968
Hi, thanks for adding PBKDF2 support — this is a useful addition to the
crypto stack! I have a few suggestions below, mostly around cleanup.
1. swcr_freesession: missing PBKDF2 — memory leak
swcr_freesession() does not handle CRYPTO_PBKDF2_HMAC_SHA1 /
CRYPTO_PBKDF2_HMAC_SHA256. These algorithms go through the authcommon path in
swcr_newsession(), which allocates both sw_ictx and sw_octx. Without
corresponding cases in swcr_freesession(), neither buffer is freed on session
teardown — this is a memory leak.
2. **targetlen** added to struct crypt_op but never referenced
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
