db/pgbackrest
1
0
Fork 0
mirror of https://github.com/pgbackrest/pgbackrest.git synced 2025-01-18 04:58:51 +02:00
Code Issues Releases Activity

Fix leak in cipherBlockNew().

Browse Source 
The string used to look up the cipher type was leaked.
This commit is contained in:
David Steele 2022-04-26 10:34:10 -04:00
parent 6eed4125e6
commit 7eed9730aa
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/common/crypto/cipherBlock.c
View File

@ -399,10 +399,13 @@ cipherBlockNew(CipherMode mode, CipherType cipherType, const Buffer *pass, const
// Lookup cipher by name. This means the ciphers passed in must exactly match a name expected by OpenSSL. This is a good
// thing since the name required by the openssl command-line tool will match what is used by pgBackRest.
const EVP_CIPHER *cipher = EVP_get_cipherbyname(strZ(strIdToStr(cipherType)));
String *const cipherTypeStr = strIdToStr(cipherType);
const EVP_CIPHER *cipher = EVP_get_cipherbyname(strZ(cipherTypeStr));
if (!cipher)
THROW_FMT(AssertError, "unable to load cipher '%s'", strZ(strIdToStr(cipherType)));
THROW_FMT(AssertError, "unable to load cipher '%s'", strZ(cipherTypeStr));
strFree(cipherTypeStr);
// Lookup digest. If not defined it will be set to sha1.
const EVP_MD *digest = NULL;