diff options
| author | Cy Schubert <cy@FreeBSD.org> | 2020-06-24 01:51:05 +0000 |
|---|---|---|
| committer | Cy Schubert <cy@FreeBSD.org> | 2020-06-24 01:51:05 +0000 |
| commit | 767173cec2b2041e1f847bc8896092f9c1481242 (patch) | |
| tree | f13382cc9f11300231085767f92ffc15a98f8516 /contrib/ntp/sntp/crypto.c | |
| parent | 28e002cd3e8a3c40c34a41f8b1ac624d334e4b9a (diff) | |
| parent | 3914721463f70500ecc1f59312b122d8788465cf (diff) | |
MFV r362565:
Update 4.2.8p14 --> 4.2.8p15
Summary: Systems that use a CMAC algorithm in ntp.keys will not release
a bit of memory on each packet that uses a CMAC keyid, eventually causing
ntpd to run out of memory and fail. The CMAC cleanup from
https://bugs.ntp.org/3447, part of ntp-4.2.8p11, introduced a bug whereby
the CMAC data structure was no longer completely removed.
MFC after: 3 days
Security: NTP Bug 3661
Notes
Notes:
svn path=/head/; revision=362568
Diffstat (limited to 'contrib/ntp/sntp/crypto.c')
| -rw-r--r-- | contrib/ntp/sntp/crypto.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/contrib/ntp/sntp/crypto.c b/contrib/ntp/sntp/crypto.c index 8ffe006f9912..8a47edef7184 100644 --- a/contrib/ntp/sntp/crypto.c +++ b/contrib/ntp/sntp/crypto.c @@ -70,7 +70,8 @@ compute_mac( } len = (u_int)slen; - CMAC_CTX_cleanup(ctx); + if (ctx) + CMAC_CTX_free(ctx); /* Test our AES-128-CMAC implementation */ } else /* MD5 MAC handling */ |