Fix memory leaks in PKCS#5 and PKCS#12
diff --git a/library/pkcs12.c b/library/pkcs12.c
index 2ee9c5e..649541e 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -190,21 +190,27 @@
return( ret );
if( ( ret = cipher_setkey( &cipher_ctx, key, keylen, mode ) ) != 0 )
- return( ret );
+ goto cleanup;
if( ( ret = cipher_reset( &cipher_ctx, iv ) ) != 0 )
- return( ret );
+ goto cleanup;
if( ( ret = cipher_update( &cipher_ctx, data, len,
output, &olen ) ) != 0 )
{
- return( ret );
+ goto cleanup;
}
if( ( ret = cipher_finish( &cipher_ctx, output + olen, &olen ) ) != 0 )
- return( POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH );
+ {
+ ret = POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH;
+ goto cleanup;
+ }
- return( 0 );
+cleanup:
+ cipher_free_ctx( &cipher_ctx );
+
+ return( ret );
}
static void pkcs12_fill_buffer( unsigned char *data, size_t data_len,
@@ -268,25 +274,25 @@
{
// Calculate hash( diversifier || salt_block || pwd_block )
if( ( ret = md_starts( &md_ctx ) ) != 0 )
- return( ret );
+ goto cleanup;
if( ( ret = md_update( &md_ctx, diversifier, v ) ) != 0 )
- return( ret );
+ goto cleanup;
if( ( ret = md_update( &md_ctx, salt_block, v ) ) != 0 )
- return( ret );
+ goto cleanup;
if( ( ret = md_update( &md_ctx, pwd_block, v ) ) != 0 )
- return( ret );
+ goto cleanup;
if( ( ret = md_finish( &md_ctx, hash_output ) ) != 0 )
- return( ret );
+ goto cleanup;
// Perform remaining ( iterations - 1 ) recursive hash calculations
for( i = 1; i < iterations; i++ )
{
if( ( ret = md( md_info, hash_output, hlen, hash_output ) ) != 0 )
- return( ret );
+ goto cleanup;
}
use_len = ( datalen > hlen ) ? hlen : datalen;
@@ -324,7 +330,10 @@
}
}
- return( 0 );
+cleanup:
+ md_free_ctx( &md_ctx );
+
+ return( ret );
}
#endif /* POLARSSL_PKCS12_C */