Memory leak when using openssl backend

Hi


I have found a memory leak when using openssl backend. I don't know if this is the proper way to report it.

The problem is that crypt_hash_init() and crypt_hash_restart() call EVP_DigestInit() but crypt_hash_final() calls EVP_DigestFinal_ex(). As a result, the context struct is zeroed when crypt_hash_restart() calls EVP_DigestInit(), and the memory allocated by the previous call to EVP_DigestInit() is lost. The version of openssl we use is 1.0.2g. This leak might not occur in later versions of openssl that have changed how those functions work.

I have attached a suggested fix that only uses the _ex versions of the EVP functions.


/Per

From c706d110be72bb78ff270d23ea9e3c7892bd98ba Mon Sep 17 00:00:00 2001
From: Per x Johansson <perxjoh@xxxxxxxx>
Date: Tue, 11 Oct 2016 10:34:11 +0200
Subject: [PATCH] Fix memory leak when using openssl backend

Fixes a memory leak when using openssl backend caused by mismatched
calls to EVP_DigestInit and EVP_DigestFinal_ex.
---
 lib/crypto_backend/crypto_openssl.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/crypto_backend/crypto_openssl.c b/lib/crypto_backend/crypto_openssl.c
index 5e4345b..9f9069d 100644
--- a/lib/crypto_backend/crypto_openssl.c
+++ b/lib/crypto_backend/crypto_openssl.c
@@ -95,7 +95,8 @@ int crypt_hash_init(struct crypt_hash **ctx, const char *name)
 		return -EINVAL;
 	}
 
-	if (EVP_DigestInit(&h->md, h->hash_id) != 1) {
+	EVP_MD_CTX_init(&h->md);
+	if (EVP_DigestInit_ex(&h->md, h->hash_id, NULL) != 1) {
 		free(h);
 		return -EINVAL;
 	}
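Review bot: the failure branch in crypt_hash_init() still goes straight to free(h) after EVP_MD_CTX_init() and a failed EVP_DigestInit_ex(), so anything the context picked up before the failure is dropped along with h. Since the point of the patch is to stop losing context allocations, consider calling EVP_MD_CTX_cleanup(&h->md) before free(h) on that path. It would also help to say in the commit message that the code now depends on an explicit EVP_MD_CTX_init() because EVP_DigestInit_ex() does not reset the context itself.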
@@ -107,7 +108,7 @@ int crypt_hash_init(struct crypt_hash **ctx, const char *name)
 
 static int crypt_hash_restart(struct crypt_hash *ctx)
 {
-	if (EVP_DigestInit(&ctx->md, ctx->hash_id) != 1)
+	if (EVP_DigestInit_ex(&ctx->md, ctx->hash_id, NULL) != 1)
 		return -EINVAL;
 
 	return 0;
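Review bot: crypt_hash_restart() now reuses ctx->md as it was left by the previous finalisation, which is only correct while crypt_hash_final() keeps calling EVP_DigestFinal_ex(); the two calls are in different functions, so a one-line comment above EVP_DigestInit_ex() noting that pairing would stop a later change from reintroducing the mismatch. The patch does not show where ctx->md is finally released, so please confirm the destroy path cleans up the context now that no call zeroes it implicitly.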
-- 
2.1.4

_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
