CVSROOT: /cvs
Module name: src
Changes by: t...@cvs.openbsd.org 2022/03/30 01:17:48
Modified files:
lib/libcrypto/gost: gostr341001_pmeth.c
lib/libcrypto/hmac: hm_pmeth.c
Log message:
Avoid segfaults in EVP_PKEY_CTX_free()
It is possible to call pmeth->cleanup() with an EVP_PKEY_CTX whose data
is NULL. If pmeth->init() in int_ctx_new() fails, EVP_PKEY_CTX_free() is
called with such a context. This in turn calls pmeth->cleanup(), and thus
these cleanup functions must be careful not to use NULL data. Most of
them are, but one of GOST's functions and HMAC's aren't.
Reported for HMAC by Masaru Masada
https://github.com/libressl-portable/openbsd/issues/129
ok bcook jsing
