ARIA GCM ciphers memory leak after EVP_CTRL_AEAD_SET_IVLEN
guidovranken opened this issue · comments
Guido Vranken commented
#include <openssl/evp.h>
#define CF_CHECK_EQ(expr, res) if ( (expr) != (res) ) { goto end; }
#define CF_CHECK_NE(expr, res) if ( (expr) == (res) ) { goto end; }
int main(void)
{
const EVP_CIPHER* cipher = NULL;
EVP_CIPHER_CTX* ctx = NULL;
CF_CHECK_NE(cipher = EVP_aria_128_gcm(), NULL);
CF_CHECK_NE(ctx = EVP_CIPHER_CTX_new(), NULL);
CF_CHECK_EQ(EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL), 1);
/* Leak occurs here */
CF_CHECK_EQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, 100, NULL), 1);
end:
EVP_CIPHER_CTX_free(ctx);
return 0;
}
iv
is allocated but not freed: https://github.com/openssl/openssl/blob/master/crypto/evp/e_aria.c#L269
Matt Caswell commented
Fix in #8586.