[openssl/openssl] 4650cf: Fix a use after free in error handling of hmac_dup

Fri, 10 Jun 2022 03:44:57 -0700 

  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 4650cf23c84f33354e5284fbcf56f131aa83343b
      
https://github.openssl.org/openssl/openssl/commit/4650cf23c84f33354e5284fbcf56f131aa83343b
  Author: Bernd Edlinger <bernd.edlin...@hotmail.de>
  Date:   2022-06-10 (Fri, 10 Jun 2022)

  Changed paths:
    M providers/implementations/macs/hmac_prov.c

  Log Message:
  -----------
  Fix a use after free in error handling of hmac_dup

dst->digest needs to be zeroized in case HMAC_CTX_copy
or ossl_prov_digest_copy return failure.

Fixes #18493

Reviewed-by: Tomas Mraz <to...@openssl.org>
Reviewed-by: Matt Caswell <m...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18502)

(cherry picked from commit cec1699f1f54ba8b87f055776dc77b48dd37d5fa)

Reply via email to