Blame SOURCES/net-snmp-5.7.2-key-leak-backport.patch

aa44a8
diff -urNp a/snmplib/keytools.c b/snmplib/keytools.c
aa44a8
--- a/snmplib/keytools.c	2018-11-26 14:48:35.967812631 +0100
aa44a8
+++ b/snmplib/keytools.c	2018-11-26 15:21:14.758817675 +0100
aa44a8
@@ -153,19 +153,21 @@ generate_Ku(const oid * hashtype, u_int
aa44a8
     ctx = EVP_MD_CTX_create();
aa44a8
 #else
aa44a8
     ctx = malloc(sizeof(*ctx));
aa44a8
-    EVP_MD_CTX_init(ctx);
aa44a8
+    if(!EVP_MD_CTX_init(ctx)){
aa44a8
+        QUITFUN(SNMPERR_GENERR, generate_Ku_quit);
aa44a8
+    }
aa44a8
 #endif
aa44a8
 #ifndef NETSNMP_DISABLE_MD5
aa44a8
     if (ISTRANSFORM(hashtype, HMACMD5Auth)) {
aa44a8
         if (!EVP_DigestInit(ctx, EVP_md5()))
aa44a8
             /* MD5 not supported */
aa44a8
-            return SNMPERR_GENERR;
aa44a8
+            QUITFUN(SNMPERR_GENERR, generate_Ku_quit);
aa44a8
     } else
aa44a8
 #endif
aa44a8
         if (ISTRANSFORM(hashtype, HMACSHA1Auth)) {
aa44a8
             if (!EVP_DigestInit(ctx, EVP_sha1()))
aa44a8
                 /* SHA1 not supported */
aa44a8
-                return SNMPERR_GENERR;
aa44a8
+                QUITFUN(SNMPERR_GENERR, generate_Ku_quit);
aa44a8
         } else {
aa44a8
             QUITFUN(SNMPERR_GENERR, generate_Ku_quit);
aa44a8
         }
aa44a8
diff -urNp a/snmplib/scapi.c b/snmplib/scapi.c
aa44a8
--- a/snmplib/scapi.c	2018-11-26 14:48:35.967812631 +0100
aa44a8
+++ b/snmplib/scapi.c	2018-11-26 15:12:19.296751273 +0100
aa44a8
@@ -498,7 +498,8 @@ sc_hash(const oid * hashtype, size_t has
aa44a8
 #endif
aa44a8
     if (!EVP_DigestInit(cptr, hashfn)) {
aa44a8
         /* requested hash function is not available */
aa44a8
-        return SNMPERR_SC_NOT_CONFIGURED;
aa44a8
+        rval = SNMPERR_SC_NOT_CONFIGURED;
aa44a8
+	goto sc_hash_type_quit;
aa44a8
     }
aa44a8
 
aa44a8
 /** pass the data */
aa44a8
@@ -507,6 +508,8 @@ sc_hash(const oid * hashtype, size_t has
aa44a8
 /** do the final pass */
aa44a8
     EVP_DigestFinal(cptr, MAC, &tmp_len);
aa44a8
     *MAC_len = tmp_len;
aa44a8
+
aa44a8
+sc_hash_type_quit:
aa44a8
 #ifdef HAVE_EVP_MD_CTX_DESTROY
aa44a8
     EVP_MD_CTX_destroy(cptr);
aa44a8
 #else