From 6014890bfb54011217cce97f66d48d27575f74e6 Mon Sep 17 00:00:00 2001
From: Jouni Malinen
Date: Tue, 16 Feb 2016 00:30:43 +0200
Subject: [PATCH] OpenSSL: Fix memory leak with EVP_CIPHER_CTX_new()

Commit 1eb87ae48d829b77e805de9ba71f958b53930c88 ('OpenSSL: Use EVP_CIPHER_CTX_new() to work with OpenSSL 1.1.0') started using EVP_CIPHER_CTX_new() to allocate EVP_CIPHER_CTX from heap instead of using stack memory. This commit used incorrect EVP_CIPHER_CTX_reset() function in number of cases when the allocated memory was supposed to be freed instead of just reset for reuse. Fix this by using EVP_CIPHER_CTX_free() properly.

Signed-off-by: Jouni Malinen
---
 src/crypto/crypto_openssl.c | 24 ++++++++----------------
 1 file changed, 8 insertions(+), 16 deletions(-)

diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index 071a4dcc9..7c3600234 100644
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -34,12 +34,6 @@
 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 /* Compatibility wrappers for older versions. */
-static int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx)
-{
- return EVP_CIPHER_CTX_cleanup(ctx);
-}
-
-
 static HMAC_CTX * HMAC_CTX_new(void)
 {
 HMAC_CTX *ctx;
@@ -209,7 +203,7 @@ int rc4_skip(const u8 *key, size_t keylen, size_t skip,
 out:
 if (ctx)
- EVP_CIPHER_CTX_reset(ctx);
+ EVP_CIPHER_CTX_free(ctx);
 return res;
 #endif /* OPENSSL_NO_RC4 */
 }
@@ -304,7 +298,6 @@ void aes_encrypt_deinit(void *ctx)
 wpa_printf(MSG_ERROR, "OpenSSL: Unexpected padding length %d " "in AES encrypt", len);
 }
- EVP_CIPHER_CTX_reset(c);
 EVP_CIPHER_CTX_free(c);
 }
@@ -357,7 +350,6 @@ void aes_decrypt_deinit(void *ctx)
 wpa_printf(MSG_ERROR, "OpenSSL: Unexpected padding length %d " "in AES decrypt", len);
 }
- EVP_CIPHER_CTX_reset(c);
 EVP_CIPHER_CTX_free(c);
 }
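Review bot: The `if (ctx)` guard kept in front of `EVP_CIPHER_CTX_free(ctx);` at the `out:` label of rc4_skip() looks redundant. As far as I know EVP_CIPHER_CTX_free() does nothing when passed NULL, so the cleanup could be the single line `EVP_CIPHER_CTX_free(ctx);`. The same applies to the `if (ctx->enc)` and `if (ctx->dec)` guards in the two crypto_cipher_init() hunks. Please confirm the NULL behaviour against the oldest OpenSSL/LibreSSL release the build supports before dropping the guards; rc4_skip()'s body starts outside the hunk.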
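Review bot: The tail of aes_encrypt_deinit() carries no comment explaining why removing the explicit reset is safe for the AES key schedule held in `c`. To my knowledge EVP_CIPHER_CTX_free() runs the same cleanup internally before releasing the allocation, so the key material should still be cleared, but that is a library detail a reader cannot see from this file. I would add `/* EVP_CIPHER_CTX_free() clears the cipher state (key schedule) before freeing */` above the call, and the same comment in aes_decrypt_deinit() in the following hunk. Both function bodies start outside their hunks.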
@@ -416,7 +408,7 @@ int aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len)
 clen == (int) data_len && EVP_EncryptFinal_ex(ctx, buf, &len) == 1 && len == 0)
 res = 0;
- EVP_CIPHER_CTX_reset(ctx);
+ EVP_CIPHER_CTX_free(ctx);
 return res;
 }
@@ -443,7 +435,7 @@ int aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len)
 plen == (int) data_len && EVP_DecryptFinal_ex(ctx, buf, &len) == 1 && len == 0)
 res = 0;
- EVP_CIPHER_CTX_reset(ctx);
+ EVP_CIPHER_CTX_free(ctx);
 return res;
@@ -557,7 +549,7 @@ struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg,
 !EVP_CIPHER_CTX_set_key_length(ctx->enc, key_len) || !EVP_EncryptInit_ex(ctx->enc, NULL, NULL, key, iv)) {
 if (ctx->enc)
- EVP_CIPHER_CTX_reset(ctx->enc);
+ EVP_CIPHER_CTX_free(ctx->enc);
 os_free(ctx);
 return NULL;
 }
@@ -567,9 +559,9 @@ struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg,
 !EVP_DecryptInit_ex(ctx->dec, cipher, NULL, NULL, NULL) || !EVP_CIPHER_CTX_set_key_length(ctx->dec, key_len) || !EVP_DecryptInit_ex(ctx->dec, NULL, NULL, key, iv)) {
- EVP_CIPHER_CTX_reset(ctx->enc);
+ EVP_CIPHER_CTX_free(ctx->enc);
 if (ctx->dec)
- EVP_CIPHER_CTX_reset(ctx->dec);
+ EVP_CIPHER_CTX_free(ctx->dec);
 os_free(ctx);
 return NULL;
 }
@@ -601,8 +593,8 @@ int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
 void crypto_cipher_deinit(struct crypto_cipher *ctx)
 {
- EVP_CIPHER_CTX_reset(ctx->enc);
- EVP_CIPHER_CTX_reset(ctx->dec);
+ EVP_CIPHER_CTX_free(ctx->enc);
+ EVP_CIPHER_CTX_free(ctx->dec);
 os_free(ctx);
 }
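Review bot: crypto_cipher_deinit() reads `ctx->enc` and `ctx->dec` before anything checks `ctx`, so a NULL argument would fault on the first free call even though `os_free(ctx)` on the last line presumably tolerates NULL. If any caller can reach this function with an object that was never successfully initialised, an early `if (!ctx) return;` would make the teardown path safe. Otherwise a short comment such as `/* ctx must be non-NULL */` would document the contract. The callers are not visible in this patch, so this is a request to confirm rather than a confirmed defect.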