Bug report
Bug description:
While reading the hashlib code, I found some issues in the error branches where the EVP_MD_ctx is not freed upon failure or when we call py_digest_name with a NULL EVP_MD *.
@gpshead Should I consider this as a security issue? (some places might be a security issue since we are leaking some EVP_MD context objects but others are just leaking un-initialized contexts).
CPython versions tested on:
CPython main branch
Operating systems tested on:
No response
Linked PRs
Bug report
Bug description:
While reading the hashlib code, I found some issues in the error branches where the
EVP_MD_ctxis not freed upon failure or when we callpy_digest_namewith a NULLEVP_MD *.@gpshead Should I consider this as a security issue? (some places might be a security issue since we are leaking some EVP_MD context objects but others are just leaking un-initialized contexts).
CPython versions tested on:
CPython main branch
Operating systems tested on:
No response
Linked PRs
hashlib#127668hashlib(GH-127668) #130783hashlib(GH-127668) #130784_hashopenssl.cerror branches #131145_hashopenssl.cerror branches (#131145) #131347_hashopenssl.cerror branches (#131145) #131348