commit f8a8fe60f85d77ee4a4c930fb8b340c452aa8d6f
author Gilles Peskine <Gilles.Peskine@arm.com> Tue Aug 21 16:38:05 2018 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Wed Oct 17 13:54:48 2018 +0200
tree e6b222f530f7329efdd73afc8a0bac6f9ea16638
parent c26eae1a9d3ce20dfd79808a967594bd256ece33

Fix memory leak with AEAD with non-default tag lengths

When freeing the key context, choose the context format based on the
base algorithm value stored in the operation object.

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index d512d4c..f3a2c64 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2844,10 +2844,9 @@
     uint8_t tag_length;
 } aead_operation_t;
 
-static void psa_aead_abort( aead_operation_t *operation,
-                            psa_algorithm_t alg )
+static void psa_aead_abort( aead_operation_t *operation )
 {
-    switch( alg )
+    switch( operation->core_alg )
     {
 #if defined(MBEDTLS_CCM_C)
         case PSA_ALG_CCM:
@@ -2932,7 +2931,7 @@
     return( PSA_SUCCESS );
 
 cleanup:
-    psa_aead_abort( operation, alg );
+    psa_aead_abort( operation );
     return( status );
 }
 
@@ -2998,7 +2997,7 @@
         memset( ciphertext, 0, ciphertext_size );
 
 exit:
-    psa_aead_abort( &operation, alg );
+    psa_aead_abort( &operation );
     if( status == PSA_SUCCESS )
         *ciphertext_length = plaintext_length + operation.tag_length;
     return( status );
@@ -3090,7 +3089,7 @@
         memset( plaintext, 0, plaintext_size );
 
 exit:
-    psa_aead_abort( &operation, alg );
+    psa_aead_abort( &operation );
     if( status == PSA_SUCCESS )
         *plaintext_length = ciphertext_length - operation.tag_length;
     return( status );