keymat_v1: Avoid memory leak during IKE key derivation in some error cases
authorSophieK <35367649+suishixingkong@users.noreply.github.com>
Thu, 9 May 2019 07:20:30 +0000 (15:20 +0800)
committerTobias Brunner <tobias@strongswan.org>
Thu, 9 May 2019 08:07:52 +0000 (10:07 +0200)
Closes strongswan/strongswan#138.

src/libcharon/sa/ikev1/keymat_v1.c

index bcea1f3..34bae43 100644 (file)
@@ -416,6 +416,7 @@ METHOD(keymat_v1_t, derive_ike_keys, bool,
        {
                chunk_clear(&g_xy);
                chunk_clear(&data);
+               chunk_clear(&skeyid);
                return FALSE;
        }
        chunk_clear(&data);
@@ -427,6 +428,7 @@ METHOD(keymat_v1_t, derive_ike_keys, bool,
        {
                chunk_clear(&g_xy);
                chunk_clear(&data);
+               chunk_clear(&skeyid);
                return FALSE;
        }
        chunk_clear(&data);
@@ -438,6 +440,7 @@ METHOD(keymat_v1_t, derive_ike_keys, bool,
        {
                chunk_clear(&g_xy);
                chunk_clear(&data);
+               chunk_clear(&skeyid);
                return FALSE;
        }
        chunk_clear(&data);