Patch developed in-house. Solaris-specific; not suitable for upstream.
--- openssl-1.0.1f/crypto/evp/evp_enc.c.orig Mon Feb 11 07:26:04 2013
+++ openssl-1.0.1f/crypto/evp/evp_enc.c Mon Feb 3 16:40:48 2014
@@ -393,10 +393,14 @@
{
ret = M_do_cipher(ctx, out, NULL, 0);
if (ret < 0)
- return 0;
+ {
+ ret = 0;
+ goto cleanup;
+ }
else
*outl = ret;
- return 1;
+ ret = 1;
+ goto cleanup;
}
b=ctx->cipher->block_size;
@@ -404,7 +408,8 @@
if (b == 1)
{
*outl=0;
- return 1;
+ ret = 1;
+ goto cleanup;
}
bl=ctx->buf_len;
if (ctx->flags & EVP_CIPH_NO_PADDING)
@@ -412,10 +417,12 @@
if(bl)
{
EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
- return 0;
+ ret = 0;
+ goto cleanup;
}
*outl = 0;
- return 1;
+ ret = 1;
+ goto cleanup;
}
n=b-bl;
@@ -427,6 +434,12 @@
if(ret)
*outl=b;
+cleanup:
+ if (ctx->cipher->cleanup)
+ {
+ ctx->cipher->cleanup(ctx);
+ }
+
return ret;
}
@@ -500,7 +513,7 @@
int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
{
- int i,n;
+ int i,n,ret = 1;
unsigned int b;
*outl=0;
@@ -508,10 +521,14 @@
{
i = M_do_cipher(ctx, out, NULL, 0);
if (i < 0)
- return 0;
+ {
+ ret = 0;
+ goto cleanup;
+ }
else
*outl = i;
- return 1;
+ ret = 1;
+ goto cleanup;
}
b=ctx->cipher->block_size;
@@ -520,10 +537,12 @@
if(ctx->buf_len)
{
EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
- return 0;
+ ret = 0;
+ goto cleanup;
}
*outl = 0;
- return 1;
+ ret = 1;
+ goto cleanup;
}
if (b > 1)
{
@@ -530,7 +549,8 @@
if (ctx->buf_len || !ctx->final_used)
{
EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
- return(0);
+ ret = 0;
+ goto cleanup;
}
OPENSSL_assert(b <= sizeof ctx->final);
n=ctx->final[b-1];
@@ -537,7 +557,8 @@
if (n == 0 || n > (int)b)
{
EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
- return(0);
+ ret = 0;
+ goto cleanup;
}
for (i=0; i<n; i++)
{
@@ -544,7 +565,8 @@
if (ctx->final[--b] != n)
{
EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
- return(0);
+ ret = 0;
+ goto cleanup;
}
}
n=ctx->cipher->block_size-n;
@@ -554,7 +576,14 @@
}
else
*outl=0;
- return(1);
+
+cleanup:
+ if (ctx->cipher->cleanup)
+ {
+ ctx->cipher->cleanup(ctx);
+ }
+
+ return ret;
}
void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)