From 6ec3d3125f76aa9f11c133333f868c42b9b585c4 Mon Sep 17 00:00:00 2001
From: Pauli <pauli@openssl.org>
Date: Mon, 20 Mar 2023 09:02:34 +1100
Subject: Avoid freeing context on error

Freeing the allocated KDF context seems wrong when derive errors.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/20528)
---
 providers/implementations/kdfs/argon2.c | 2 --
 1 file changed, 2 deletions(-)

(limited to 'providers')

diff --git a/providers/implementations/kdfs/argon2.c b/providers/implementations/kdfs/argon2.c
index cb9e69a7a3..768dcfe1bf 100644
--- a/providers/implementations/kdfs/argon2.c
+++ b/providers/implementations/kdfs/argon2.c
@@ -1025,7 +1025,6 @@ static int kdf_argon2_derive(void *vctx, unsigned char *out, size_t outlen,
 
     ctx->mac = EVP_MAC_fetch(ctx->libctx, "blake2bmac", ctx->propq);
     if (ctx->mac == NULL) {
-        OPENSSL_free(ctx);
         ERR_raise_data(ERR_LIB_PROV, PROV_R_MISSING_MAC,
                        "cannot fetch blake2bmac");
         return 0;
@@ -1034,7 +1033,6 @@ static int kdf_argon2_derive(void *vctx, unsigned char *out, size_t outlen,
     ctx->md = EVP_MD_fetch(ctx->libctx, "blake2b512", ctx->propq);
     if (ctx->md == NULL) {
         EVP_MAC_free(ctx->mac);
-        OPENSSL_free(ctx);
         ERR_raise_data(ERR_LIB_PROV, PROV_R_MISSING_MESSAGE_DIGEST,
                        "canot fetch blake2b512");
         return 0;
-- 
cgit v1.2.1