Skip to content

Commit

Permalink
Don't leak an AES-CTR struct if fwrite fails.
Browse files Browse the repository at this point in the history 
Submitted by:	Pedro Ribeiro
  • Loading branch information
@cperciva
cperciva committed Jun 10, 2015
1 parent edfd943 commit 0df0b6f
Showing 1 changed file with 6 additions and 2 deletions.
8 changes: 6 additions & 2 deletions lib/scryptenc/scryptenc.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -428,8 +428,10 @@ scryptenc_file(FILE * infile, FILE * outfile,
break;
crypto_aesctr_stream(AES, buf, buf, readlen);
HMAC_SHA256_Update(&hctx, buf, readlen);
if (fwrite(buf, 1, readlen, outfile) < readlen)
if (fwrite(buf, 1, readlen, outfile) < readlen) {
crypto_aesctr_free(AES);
return (12);
}
} while (1);
crypto_aesctr_free(AES);

Expand Down Expand Up @@ -536,8 +538,10 @@ scryptdec_file(FILE * infile, FILE * outfile,
*/
HMAC_SHA256_Update(&hctx, buf, buflen - 32);
crypto_aesctr_stream(AES, buf, buf, buflen - 32);
if (fwrite(buf, 1, buflen - 32, outfile) < buflen - 32)
if (fwrite(buf, 1, buflen - 32, outfile) < buflen - 32) {
crypto_aesctr_free(AES);
return (12);
}

/* Move the last 32 bytes to the start of the buffer. */
memmove(buf, &buf[buflen - 32], 32);
Expand Down

0 comments on commit 0df0b6f

Please sign in to comment.