Fix memory leak in pg_hmac

danielgustafsson · danielgustafsson · commit 0ded7039fab3 · 2021-10-01T22:47:05.000+02:00
The intermittent h buffer was not freed, causing it to leak. Backpatch through 14 where HMAC was refactored to the current API. Author: Sergey Shinderuk <s.shinderuk@postgrespro.ru> Discussion: https://postgr.es/m/af07e620-7e28-a742-4637-2bc44aa7c2be@postgrespro.ru Backpatch-through: 14
diff --git a/src/common/hmac.c b/src/common/hmac.c
@@ -232,17 +232,22 @@ pg_hmac_final(pg_hmac_ctx *ctx, uint8 *dest, size_t len)
 	memset(h, 0, ctx->digest_size);
 
 	if (pg_cryptohash_final(ctx->hash, h, ctx->digest_size) < 0)
+	{
+		FREE(h);
 		return -1;
+	}
 
 	/* H(K XOR opad, tmp) */
 	if (pg_cryptohash_init(ctx->hash) < 0 ||
 		pg_cryptohash_update(ctx->hash, ctx->k_opad, ctx->block_size) < 0 ||
 		pg_cryptohash_update(ctx->hash, h, ctx->digest_size) < 0 ||
 		pg_cryptohash_final(ctx->hash, dest, len) < 0)
 	{
+		FREE(h);
 		return -1;
 	}
 
+	FREE(h);
 	return 0;
 }
 

Original file line number	Diff line number	Diff line change
`@@ -232,17 +232,22 @@ pg_hmac_final(pg_hmac_ctx ctx, uint8 dest, size_t len)`
`232`	`232`	`memset(h, 0, ctx->digest_size);`
`233`	`233`
`234`	`234`	`if (pg_cryptohash_final(ctx->hash, h, ctx->digest_size) < 0)`
	`235`	`+ {`
	`236`	`+ FREE(h);`
`235`	`237`	`return -1;`
	`238`	`+ }`
`236`	`239`
`237`	`240`	`/* H(K XOR opad, tmp) */`
`238`	`241`	`if (pg_cryptohash_init(ctx->hash) < 0 \|\|`
`239`	`242`	`pg_cryptohash_update(ctx->hash, ctx->k_opad, ctx->block_size) < 0 \|\|`
`240`	`243`	`pg_cryptohash_update(ctx->hash, h, ctx->digest_size) < 0 \|\|`
`241`	`244`	`pg_cryptohash_final(ctx->hash, dest, len) < 0)`
`242`	`245`	`{`
	`246`	`+ FREE(h);`
`243`	`247`	`return -1;`
`244`	`248`	`}`
`245`	`249`
	`250`	`+ FREE(h);`
`246`	`251`	`return 0;`
`247`	`252`	`}`
`248`	`253`