Fix error-handling in EVP_BytesToKey. This only matters on malloc failure and I think, even then, EVP_DigestInit_ex will only fail the first time around the loop so it wouldn't actually leak anything. Nonetheless, that should be a goto err. Change-Id: Ieea9db387f9c16915c3a0026c6fd48036da2cfef Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/40748 Reviewed-by: Steven Valdez <svaldez@google.com> Commit-Queue: David Benjamin <davidben@google.com>

commit: 367d64f84c3c1d01381c18c5a239b85eef47633c [log] [tgz]
author: David Benjamin <davidben@google.com> Wed Apr 15 11:16:07 2020 -0400
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Fri Apr 17 18:40:28 2020 +0000
tree: c4e572eabeefd2e03f0a4afc158c63e514d04447
parent: 8f3019e849afe428d0e29f34294a6328c8105b83 [diff]
diff --git a/crypto/cipher_extra/derive_key.c b/crypto/cipher_extra/derive_key.c
index ff5ae06..45b4963 100644
--- a/crypto/cipher_extra/derive_key.c
+++ b/crypto/cipher_extra/derive_key.c

@@ -86,7 +86,7 @@
   EVP_MD_CTX_init(&c);
   for (;;) {
     if (!EVP_DigestInit_ex(&c, md, NULL)) {
-      return 0;
+      goto err;
     }
     if (addmd++) {
       if (!EVP_DigestUpdate(&c, md_buf, mds)) {
commit	367d64f84c3c1d01381c18c5a239b85eef47633c	[log] [tgz]
author	David Benjamin <davidben@google.com>	Wed Apr 15 11:16:07 2020 -0400
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Fri Apr 17 18:40:28 2020 +0000
tree	c4e572eabeefd2e03f0a4afc158c63e514d04447
parent	8f3019e849afe428d0e29f34294a6328c8105b83 [diff]