Blame SOURCES/net-snmp-5.7.2-key-leak-backport.patch

befa74
diff -urNp a/snmplib/keytools.c b/snmplib/keytools.c
befa74
--- a/snmplib/keytools.c	2018-11-26 14:48:35.967812631 +0100
befa74
+++ b/snmplib/keytools.c	2018-11-26 15:21:14.758817675 +0100
befa74
@@ -153,19 +153,21 @@ generate_Ku(const oid * hashtype, u_int
befa74
     ctx = EVP_MD_CTX_create();
befa74
 #else
befa74
     ctx = malloc(sizeof(*ctx));
befa74
-    EVP_MD_CTX_init(ctx);
befa74
+    if(!EVP_MD_CTX_init(ctx)){
befa74
+        QUITFUN(SNMPERR_GENERR, generate_Ku_quit);
befa74
+    }
befa74
 #endif
befa74
 #ifndef NETSNMP_DISABLE_MD5
befa74
     if (ISTRANSFORM(hashtype, HMACMD5Auth)) {
befa74
         if (!EVP_DigestInit(ctx, EVP_md5()))
befa74
             /* MD5 not supported */
befa74
-            return SNMPERR_GENERR;
befa74
+            QUITFUN(SNMPERR_GENERR, generate_Ku_quit);
befa74
     } else
befa74
 #endif
befa74
         if (ISTRANSFORM(hashtype, HMACSHA1Auth)) {
befa74
             if (!EVP_DigestInit(ctx, EVP_sha1()))
befa74
                 /* SHA1 not supported */
befa74
-                return SNMPERR_GENERR;
befa74
+                QUITFUN(SNMPERR_GENERR, generate_Ku_quit);
befa74
         } else {
befa74
             QUITFUN(SNMPERR_GENERR, generate_Ku_quit);
befa74
         }
befa74
diff -urNp a/snmplib/scapi.c b/snmplib/scapi.c
befa74
--- a/snmplib/scapi.c	2018-11-26 14:48:35.967812631 +0100
befa74
+++ b/snmplib/scapi.c	2018-11-26 15:12:19.296751273 +0100
befa74
@@ -498,7 +498,8 @@ sc_hash(const oid * hashtype, size_t has
befa74
 #endif
befa74
     if (!EVP_DigestInit(cptr, hashfn)) {
befa74
         /* requested hash function is not available */
befa74
-        return SNMPERR_SC_NOT_CONFIGURED;
befa74
+        rval = SNMPERR_SC_NOT_CONFIGURED;
befa74
+	goto sc_hash_type_quit;
befa74
     }
befa74
 
befa74
 /** pass the data */
befa74
@@ -507,6 +508,8 @@ sc_hash(const oid * hashtype, size_t has
befa74
 /** do the final pass */
befa74
     EVP_DigestFinal(cptr, MAC, &tmp_len);
befa74
     *MAC_len = tmp_len;
befa74
+
befa74
+sc_hash_type_quit:
befa74
 #ifdef HAVE_EVP_MD_CTX_DESTROY
befa74
     EVP_MD_CTX_destroy(cptr);
befa74
 #else