From fde4397fc4ac7a5feff495a819b9fb127b347dcd Mon Sep 17 00:00:00 2001 From: qmuntal Date: Tue, 23 Jan 2024 15:59:36 +0100 Subject: [PATCH] fix memory leak in setupEVP and newCipherCtx --- cipher.go | 4 ++-- evp.go | 18 +++++++++--------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/cipher.go b/cipher.go index ddaadfa8..2b983c54 100644 --- a/cipher.go +++ b/cipher.go @@ -533,12 +533,12 @@ func sliceForAppend(in []byte, n int) (head, tail []byte) { return } -func newCipherCtx(kind cipherKind, mode cipherMode, encrypt cipherOp, key, iv []byte) (ctx C.GO_EVP_CIPHER_CTX_PTR, err error) { +func newCipherCtx(kind cipherKind, mode cipherMode, encrypt cipherOp, key, iv []byte) (_ C.GO_EVP_CIPHER_CTX_PTR, err error) { cipher := loadCipher(kind, mode) if cipher == nil { panic("crypto/cipher: unsupported cipher: " + kind.String()) } - ctx = C.go_openssl_EVP_CIPHER_CTX_new() + ctx := C.go_openssl_EVP_CIPHER_CTX_new() if ctx == nil { return nil, fail("unable to create EVP cipher ctx") } diff --git a/evp.go b/evp.go index b2886e69..a9237a6a 100644 --- a/evp.go +++ b/evp.go @@ -149,7 +149,15 @@ type verifyFunc func(C.GO_EVP_PKEY_CTX_PTR, *C.uchar, C.size_t, *C.uchar, C.size func setupEVP(withKey withKeyFunc, padding C.int, h, mgfHash hash.Hash, label []byte, saltLen C.int, ch crypto.Hash, - init initFunc) (ctx C.GO_EVP_PKEY_CTX_PTR, err error) { + init initFunc) (_ C.GO_EVP_PKEY_CTX_PTR, err error) { + var ctx C.GO_EVP_PKEY_CTX_PTR + withKey(func(pkey C.GO_EVP_PKEY_PTR) C.int { + ctx = C.go_openssl_EVP_PKEY_CTX_new(pkey, nil) + return 1 + }) + if ctx == nil { + return nil, newOpenSSLError("EVP_PKEY_CTX_new failed") + } defer func() { if err != nil { if ctx != nil { @@ -158,14 +166,6 @@ func setupEVP(withKey withKeyFunc, padding C.int, } } }() - - withKey(func(pkey C.GO_EVP_PKEY_PTR) C.int { - ctx = C.go_openssl_EVP_PKEY_CTX_new(pkey, nil) - return 1 - }) - if ctx == nil { - return nil, newOpenSSLError("EVP_PKEY_CTX_new failed") - } if err := init(ctx); err != nil { return nil, err }