From 40628bad98973fb7270b6822924086c4d27b3b79 Mon Sep 17 00:00:00 2001
From: Paul Bakker <p.j.bakker@polarssl.org>
Date: Thu, 3 Jan 2013 10:50:31 +0100
Subject: [PATCH] Memory leak when using RSA_PKCS_V21 operations fixed

---
 ChangeLog     |  4 ++++
 library/rsa.c | 11 +++++++----
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index cbb069a97..aa0c2a4bc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
 PolarSSL ChangeLog
 
+= Version Master
+Bugfix
+   * Memory leak when using RSA_PKCS_V21 operations fixed
+
 = Version 1.2.3 released 2012-11-26
 Bugfix
    * Server not always sending correct CertificateRequest message
diff --git a/library/rsa.c b/library/rsa.c
index 637c23a11..5d7129a00 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -440,7 +440,6 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
                 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
 
             memset( output, 0, olen );
-            memset( &md_ctx, 0, sizeof( md_context_t ) );
 
             md_init_ctx( &md_ctx, md_info );
 
@@ -470,6 +469,8 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
             //
             mgf_mask( output + 1, hlen, output + hlen + 1, olen - hlen - 1,  
                        &md_ctx );
+
+            md_free_ctx( &md_ctx );
             break;
 #endif
 
@@ -566,7 +567,6 @@ int rsa_pkcs1_decrypt( rsa_context *ctx,
                 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
                 
             hlen = md_get_size( md_info );
-            memset( &md_ctx, 0, sizeof( md_context_t ) );
 
             md_init_ctx( &md_ctx, md_info );
             
@@ -585,6 +585,7 @@ int rsa_pkcs1_decrypt( rsa_context *ctx,
                        &md_ctx );
 
             p += hlen;
+            md_free_ctx( &md_ctx );
 
             // Check validity
             //
@@ -798,7 +799,6 @@ int rsa_pkcs1_sign( rsa_context *ctx,
                 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
 
             memset( sig, 0, olen );
-            memset( &md_ctx, 0, sizeof( md_context_t ) );
 
             md_init_ctx( &md_ctx, md_info );
 
@@ -834,6 +834,8 @@ int rsa_pkcs1_sign( rsa_context *ctx,
             //
             mgf_mask( sig + offset, olen - hlen - 1 - offset, p, hlen, &md_ctx );
 
+            md_free_ctx( &md_ctx );
+
             msb = mpi_msb( &ctx->N ) - 1;
             sig[0] &= 0xFF >> ( olen * 8 - msb );
 
@@ -1012,7 +1014,6 @@ int rsa_pkcs1_verify( rsa_context *ctx,
             hlen = md_get_size( md_info );
             slen = siglen - hlen - 1;
 
-            memset( &md_ctx, 0, sizeof( md_context_t ) );
             memset( zeros, 0, 8 );
 
             md_init_ctx( &md_ctx, md_info );
@@ -1054,6 +1055,8 @@ int rsa_pkcs1_verify( rsa_context *ctx,
             md_update( &md_ctx, p, slen );
             md_finish( &md_ctx, result );
 
+            md_free_ctx( &md_ctx );
+
             if( memcmp( p + slen, result, hlen ) == 0 )
                 return( 0 );
             else