diff options
| author | Holger Liebig <holger.liebig@ts.fujitsu.com> | 2017-04-04 20:43:05 +0200 |
|---|---|---|
| committer | Zdenek Styblik <stybla@turnovfree.net> | 2017-04-04 20:54:22 +0200 |
| commit | 1664902525a1c3771b4d8b3ccab7ea1ba6b2bdd1 (patch) | |
| tree | ec0d6c041b14275f2fc307c442a60f28685c424b | |
| parent | f004b4b7197fc83e7d47ec8cbcaefffa9a922717 (diff) | |
| download | ipmitool-1664902525a1c3771b4d8b3ccab7ea1ba6b2bdd1.tar.gz | |
ID:480 - Call EVP_CIPHER_CTX_free() instead of EVP_CIPHER_CTX_cleanup()
Call EVP_CIPHER_CTX_free() instead of EVP_CIPHER_CTX_cleanup() to fix memory
leak.
| -rw-r--r-- | src/plugins/lanplus/lanplus_crypt_impl.c | 44 |
1 files changed, 23 insertions, 21 deletions
diff --git a/src/plugins/lanplus/lanplus_crypt_impl.c b/src/plugins/lanplus/lanplus_crypt_impl.c index 0e330c1..9652a5e 100644 --- a/src/plugins/lanplus/lanplus_crypt_impl.c +++ b/src/plugins/lanplus/lanplus_crypt_impl.c @@ -165,13 +165,6 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv, uint32_t * bytes_written) { EVP_CIPHER_CTX *ctx = NULL; - ctx = EVP_CIPHER_CTX_new(); - if (ctx == NULL) { - *bytes_written = 0; - return; - } - EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); - EVP_CIPHER_CTX_set_padding(ctx, 0); *bytes_written = 0; @@ -185,6 +178,14 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv, printbuf(input, input_length, "encrypting this data"); } + ctx = EVP_CIPHER_CTX_new(); + if (ctx == NULL) { + lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed"); + return; + } + EVP_CIPHER_CTX_init(ctx); + EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); + EVP_CIPHER_CTX_set_padding(ctx, 0); /* * The default implementation adds a whole block of padding if the input @@ -198,7 +199,6 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv, { /* Error */ *bytes_written = 0; - return; } else { @@ -206,16 +206,17 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv, if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) { + /* Error */ *bytes_written = 0; - return; /* Error */ } else { /* Success */ *bytes_written += tmplen; - EVP_CIPHER_CTX_cleanup(ctx); } } + /* performs cleanup and free */ + EVP_CIPHER_CTX_free(ctx); } @@ -243,13 +244,6 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv, uint32_t * bytes_written) { EVP_CIPHER_CTX *ctx = NULL; - ctx = EVP_CIPHER_CTX_new(); - if (ctx == NULL) { - *bytes_written = 0; - return; - } - EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); - EVP_CIPHER_CTX_set_padding(ctx, 0); if (verbose >= 5) { @@ -258,12 +252,20 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv, printbuf(input, input_length, "decrypting this data"); } - *bytes_written = 0; if (input_length == 0) return; + ctx = EVP_CIPHER_CTX_new(); + if (ctx == NULL) { + lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed"); + return; + } + EVP_CIPHER_CTX_init(ctx); + EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); + EVP_CIPHER_CTX_set_padding(ctx, 0); + /* * The default implementation adds a whole block of padding if the input * data is perfectly aligned. We would like to keep that from happening. @@ -277,7 +279,6 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv, /* Error */ lprintf(LOG_DEBUG, "ERROR: decrypt update failed"); *bytes_written = 0; - return; } else { @@ -285,20 +286,21 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv, if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) { + /* Error */ char buffer[1000]; ERR_error_string(ERR_get_error(), buffer); lprintf(LOG_DEBUG, "the ERR error %s", buffer); lprintf(LOG_DEBUG, "ERROR: decrypt final failed"); *bytes_written = 0; - return; /* Error */ } else { /* Success */ *bytes_written += tmplen; - EVP_CIPHER_CTX_cleanup(ctx); } } + /* performs cleanup and free */ + EVP_CIPHER_CTX_free(ctx); if (verbose >= 5) { |