git: 77c04f3eb12a - main - radlib: fix a memory leak in `is_valid_request`

From: Enji Cooper <ngie_at_FreeBSD.org>
Date: Wed, 05 Jun 2024 02:41:03 UTC
The branch main has been updated by ngie:

URL: https://cgit.FreeBSD.org/src/commit/?id=77c04f3eb12a560eb61252c817e4147bc0178e43

commit 77c04f3eb12a560eb61252c817e4147bc0178e43
Author:     Enji Cooper <ngie@FreeBSD.org>
AuthorDate: 2024-06-04 20:01:55 +0000
Commit:     Enji Cooper <ngie@FreeBSD.org>
CommitDate: 2024-06-05 02:40:55 +0000

    radlib: fix a memory leak in `is_valid_request`
    
    Call `HMAC_CTX_free` if returning early from `is_valid_request` when
    processing `Message-Authenticator` tags.
    
    Reported by:    Coverity
    MFC after:      1 week
    Fixes: 8d5c7813061d ("libradius: Fix input validation bugs")
    Differential Revision:  https://reviews.freebsd.org/D45488
---
 lib/libradius/radlib.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/libradius/radlib.c b/lib/libradius/radlib.c
index c7d18227021e..f45eb923774b 100644
--- a/lib/libradius/radlib.c
+++ b/lib/libradius/radlib.c
@@ -320,8 +320,10 @@ is_valid_request(struct rad_handle *h)
 	hctx = HMAC_CTX_new();
 	while (pos < len - 2) {
 		alen = h->in[pos + 1];
-		if (alen < 2)
+		if (alen < 2) {
+			HMAC_CTX_free(hctx);
 			return (0);
+		}
 		if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) {
 			if (len - pos < MD5_DIGEST_LENGTH + 2) {
 				HMAC_CTX_free(hctx);