[rpms/openssl] rebase_40beta: fix small memory leak in FIPS aes selftest

public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed

From: Tomas Mraz <tmraz@fedoraproject.org>
To: git-commits@fedoraproject.org
Subject: [rpms/openssl] rebase_40beta: fix small memory leak in FIPS aes selftest
Date: Tue, 09 Jun 2026 12:43:02 GMT	[thread overview]
Message-ID: <178100898219.1.17208186134654490945.rpms-openssl-372f3ac99746@fedoraproject.org> (raw)

A new commit has been pushed.

Repo   : rpms/openssl
Branch : rebase_40beta
Commit : 372f3ac99746824f0a3ce6aa46dffe4759ea75af
Author : Tomas Mraz <tmraz@fedoraproject.org>
Date   : 2013-09-20T16:04:50+02:00
Stats  : +12/-9 in 2 file(s)
URL    : https://src.fedoraproject.org/rpms/openssl/c/372f3ac99746824f0a3ce6aa46dffe4759ea75af?branch=rebase_40beta

Log:
fix small memory leak in FIPS aes selftest

---
diff --git a/openssl-1.0.1e-fips.patch b/openssl-1.0.1e-fips.patch
index 3e2ff42..42e4558 100644
--- a/openssl-1.0.1e-fips.patch
+++ b/openssl-1.0.1e-fips.patch
@@ -8392,7 +8392,7 @@ diff -up openssl-1.0.1e/crypto/fips/fips_aes_selftest.c.fips openssl-1.0.1e/cryp
 +	EVP_CIPHER_CTX ctx;
 +	EVP_CIPHER_CTX_init(&ctx);
 +	memset(out, 0, sizeof(out));
-+	if (!EVP_CipherInit(&ctx, EVP_aes_192_ccm(), NULL, NULL, 1))
++	if (!EVP_CipherInit_ex(&ctx, EVP_aes_192_ccm(),NULL, NULL, NULL, 1))
 +		goto err;
 +	if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_IVLEN,
 +					sizeof(ccm_nonce), NULL))
@@ -8400,7 +8400,7 @@ diff -up openssl-1.0.1e/crypto/fips/fips_aes_selftest.c.fips openssl-1.0.1e/cryp
 +	if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_TAG,
 +					sizeof(ccm_tag), NULL))
 +		goto err;
-+	if (!EVP_CipherInit(&ctx, NULL, ccm_key, ccm_nonce, 1))
++	if (!EVP_CipherInit_ex(&ctx, NULL, NULL, ccm_key, ccm_nonce, 1))
 +		goto err;
 +	if (EVP_Cipher(&ctx, NULL, NULL, sizeof(ccm_pt)) != sizeof(ccm_pt))
 +		goto err;
@@ -8417,14 +8417,14 @@ diff -up openssl-1.0.1e/crypto/fips/fips_aes_selftest.c.fips openssl-1.0.1e/cryp
 +
 +	memset(out, 0, sizeof(out));
 +
-+	if (!EVP_CipherInit(&ctx, EVP_aes_192_ccm(), NULL, NULL, 0))
++	if (!EVP_CipherInit_ex(&ctx, EVP_aes_192_ccm(), NULL, NULL, NULL, 0))
 +		goto err;
 +	if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_IVLEN,
 +					sizeof(ccm_nonce), NULL))
 +		goto err;
 +	if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_TAG, 16, tag))
 +		goto err;
-+	if (!EVP_CipherInit(&ctx, NULL, ccm_key, ccm_nonce, 0))
++	if (!EVP_CipherInit_ex(&ctx, NULL, NULL, ccm_key, ccm_nonce, 0))
 +		goto err;
 +	if (EVP_Cipher(&ctx, NULL, NULL, sizeof(ccm_ct)) != sizeof(ccm_ct))
 +		goto err;
@@ -8486,12 +8486,12 @@ diff -up openssl-1.0.1e/crypto/fips/fips_aes_selftest.c.fips openssl-1.0.1e/cryp
 +	EVP_CIPHER_CTX_init(&ctx);
 +	memset(out, 0, sizeof(out));
 +	memset(tag, 0, sizeof(tag));
-+	if (!EVP_CipherInit(&ctx, EVP_aes_256_gcm(), NULL, NULL, 1))
++	if (!EVP_CipherInit_ex(&ctx, EVP_aes_256_gcm(), NULL, NULL, NULL, 1))
 +		goto err;
 +	if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN,
 +					sizeof(gcm_iv), NULL))
 +		goto err;
-+	if (!EVP_CipherInit(&ctx, NULL, gcm_key, gcm_iv, 1))
++	if (!EVP_CipherInit_ex(&ctx, NULL, NULL, gcm_key, gcm_iv, 1))
 +		goto err;
 +	if (EVP_Cipher(&ctx, NULL, gcm_aad, sizeof(gcm_aad)) < 0)
 +		goto err;
@@ -8508,14 +8508,14 @@ diff -up openssl-1.0.1e/crypto/fips/fips_aes_selftest.c.fips openssl-1.0.1e/cryp
 +
 +	memset(out, 0, sizeof(out));
 +
-+	if (!EVP_CipherInit(&ctx, EVP_aes_256_gcm(), NULL, NULL, 0))
++	if (!EVP_CipherInit_ex(&ctx, EVP_aes_256_gcm(), NULL, NULL, NULL, 0))
 +		goto err;
 +	if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN,
 +					sizeof(gcm_iv), NULL))
 +		goto err;
 +	if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, 16, tag))
 +		goto err;
-+	if (!EVP_CipherInit(&ctx, NULL, gcm_key, gcm_iv, 0))
++	if (!EVP_CipherInit_ex(&ctx, NULL, NULL, gcm_key, gcm_iv, 0))
 +		goto err;
 +	if (EVP_Cipher(&ctx, NULL, gcm_aad, sizeof(gcm_aad)) < 0)
 +		goto err;

diff --git a/openssl.spec b/openssl.spec
index 333e788..122e00d 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -21,7 +21,7 @@
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 1.0.1e
-Release: 23%{?dist}
+Release: 24%{?dist}
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
@@ -473,6 +473,9 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
 prelink -u %{_libdir}/libcrypto.so.%{version} %{_libdir}/libssl.so.%{version} 2>/dev/null || :
 
 %changelog
+* Fri Sep 20 2013 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-24
+- fix small memory leak in FIPS aes selftest
+
 * Thu Sep 19 2013 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-23
 - fix segfault in openssl speed hmac in the FIPS mode

                 reply	other threads:[~2026-06-09 12:43 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=178100898219.1.17208186134654490945.rpms-openssl-372f3ac99746@fedoraproject.org \
    --to=tmraz@fedoraproject.org \
    --cc=git-commits@fedoraproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox