Potential memory leak in hmac.c #19176
Description
I did this
During a code review, I noticed that in lib/hmac.c, the function Curl_HMAC_init performs a dynamic memory allocation with ctxt = malloc(i); but does not free this memory in the branch where return NULL; is executed. This could lead to a memory leak.
struct HMAC_context *
Curl_HMAC_init(const struct HMAC_params *hashparams,
const unsigned char *key,
unsigned int keylen)
{
size_t i;
struct HMAC_context *ctxt;
unsigned char *hkey;
unsigned char b;
/* Create HMAC context. */
i = sizeof(*ctxt) + 2 * hashparams->ctxtsize + hashparams->resultlen;
ctxt = malloc(i);
if(!ctxt)
return ctxt;
ctxt->hash = hashparams;
ctxt->hashctxt1 = (void *) (ctxt + 1);
ctxt->hashctxt2 = (void *) ((char *) ctxt->hashctxt1 + hashparams->ctxtsize);
/* If the key is too long, replace it by its hash digest. */
if(keylen > hashparams->maxkeylen) {
if(hashparams->hinit(ctxt->hashctxt1))
return NULL;
hashparams->hupdate(ctxt->hashctxt1, key, keylen);
hkey = (unsigned char *) ctxt->hashctxt2 + hashparams->ctxtsize;
hashparams->hfinal(hkey, ctxt->hashctxt1);
key = hkey;
keylen = hashparams->resultlen;
}
/* Prime the two hash contexts with the modified key. */
if(hashparams->hinit(ctxt->hashctxt1) ||
hashparams->hinit(ctxt->hashctxt2))
return NULL;I expected the following
No response
curl/libcurl version
curl master:latest
operating system
Unbuntu