From d86e7ab5a6b4723a87298e4c56b0c0edc9391ab4 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Tue, 2 Jun 2020 05:38:28 +0200
Subject: gnutls_cipher_init: fix potential memleak

Upon failure this function returns without freeing memory allocated
internally.  This makes sure that it is released and do not touch the
output handle argument.

Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
 lib/crypto-api.c | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/lib/crypto-api.c b/lib/crypto-api.c
index 311c819a32..a815379e87 100644
--- a/lib/crypto-api.c
+++ b/lib/crypto-api.c
@@ -70,20 +70,30 @@ gnutls_cipher_init(gnutls_cipher_hd_t * handle,
 	if (e == NULL || (e->flags & GNUTLS_CIPHER_FLAG_ONLY_AEAD))
 		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
 
-	*handle = gnutls_calloc(1, sizeof(api_cipher_hd_st));
-	if (*handle == NULL) {
+	h = gnutls_calloc(1, sizeof(api_cipher_hd_st));
+	if (h == NULL) {
 		gnutls_assert();
 		return GNUTLS_E_MEMORY_ERROR;
 	}
 
-	h = *handle;
 	ret =
 	    _gnutls_cipher_init(&h->ctx_enc, e, key,
 				iv, 1);
+	if (ret < 0) {
+		gnutls_free(h);
+		return ret;
+	}
 
-	if (ret >= 0 && _gnutls_cipher_type(e) == CIPHER_BLOCK)
+	if (_gnutls_cipher_type(e) == CIPHER_BLOCK) {
 		ret =
 		    _gnutls_cipher_init(&h->ctx_dec, e, key, iv, 0);
+		if (ret < 0) {
+			gnutls_free(h);
+			return ret;
+		}
+	}
+
+	*handle = h;
 
 	return ret;
 }
-- 
cgit v1.2.1