From 349e6b2b0aea737422fedfa28467bed5571ead2a Mon Sep 17 00:00:00 2001
From: Jonas Maebe <jonas.maebe@elis.ugent.be>
Date: Sun, 8 Dec 2013 17:18:17 +0100
Subject: [PATCH] cryptodev_digest_update: don't leak original state->mac_data
 if realloc fails

Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
---
 crypto/engine/eng_cryptodev.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
index 568e131615..c823eebe7c 100644
--- a/crypto/engine/eng_cryptodev.c
+++ b/crypto/engine/eng_cryptodev.c
@@ -765,6 +765,7 @@ static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
 	struct crypt_op cryp;
 	struct dev_crypto_state *state = ctx->md_data;
 	struct session_op *sess = &state->d_sess;
+	char *new_mac_data;
 
 	if (!data || state->d_fd < 0) {
 		printf("cryptodev_digest_update: illegal inputs \n");
@@ -777,12 +778,13 @@ static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
 
 	if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) {
 		/* if application doesn't support one buffer */
-		state->mac_data = OPENSSL_realloc(state->mac_data, state->mac_len + count);
+		new_mac_data = OPENSSL_realloc(state->mac_data, state->mac_len + count);
 
-		if (!state->mac_data) {
+		if (!new_mac_data) {
 			printf("cryptodev_digest_update: realloc failed\n");
 			return (0);
 		}
+		state->mac_data = new_mac_data;
 
 		memcpy(state->mac_data + state->mac_len, data, count);
    		state->mac_len += count;
-- 
GitLab