Commit 166e365e authored by Bernd Edlinger's avatar Bernd Edlinger Committed by Matt Caswell
Browse files

aes_gcm_cleanup() should check that gctx != NULL before 


calling OPENSSL_cleanse()

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2149)
parent 1222d273

crypto/evp/e_aes.c

+2 −0
Original line number Diff line number Diff line
@@ -1120,6 +1120,8 @@ BLOCK_CIPHER_generic_pack(NID_aes, 128, EVP_CIPH_FLAG_FIPS) 
static int aes_gcm_cleanup(EVP_CIPHER_CTX *c)

{

    EVP_AES_GCM_CTX *gctx = c->cipher_data;

    if (gctx == NULL)

        return 0;

    OPENSSL_cleanse(&gctx->gcm, sizeof(gctx->gcm));

    if (gctx->iv != c->iv)

        OPENSSL_free(gctx->iv);