From f8a8fe60f85d77ee4a4c930fb8b340c452aa8d6f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Aug 2018 16:38:05 +0200 Subject: [PATCH] Fix memory leak with AEAD with non-default tag lengths When freeing the key context, choose the context format based on the base algorithm value stored in the operation object. --- library/psa_crypto.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d512d4c7c..f3a2c64af 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2844,10 +2844,9 @@ typedef struct uint8_t tag_length; } aead_operation_t; -static void psa_aead_abort( aead_operation_t *operation, - psa_algorithm_t alg ) +static void psa_aead_abort( aead_operation_t *operation ) { - switch( alg ) + switch( operation->core_alg ) { #if defined(MBEDTLS_CCM_C) case PSA_ALG_CCM: @@ -2932,7 +2931,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, return( PSA_SUCCESS ); cleanup: - psa_aead_abort( operation, alg ); + psa_aead_abort( operation ); return( status ); } @@ -2998,7 +2997,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, memset( ciphertext, 0, ciphertext_size ); exit: - psa_aead_abort( &operation, alg ); + psa_aead_abort( &operation ); if( status == PSA_SUCCESS ) *ciphertext_length = plaintext_length + operation.tag_length; return( status ); @@ -3090,7 +3089,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, memset( plaintext, 0, plaintext_size ); exit: - psa_aead_abort( &operation, alg ); + psa_aead_abort( &operation ); if( status == PSA_SUCCESS ) *plaintext_length = ciphertext_length - operation.tag_length; return( status );