Skip to content

Commit

Permalink
don't leak cipher handle if newCBC panics
Browse files Browse the repository at this point in the history
  • Loading branch information
@qmuntal
qmuntal committed Aug 22, 2023
1 parent c3d0095 commit 8a96154
Showing 1 changed file with 9 additions and 8 deletions.
17 changes: 9 additions & 8 deletions cng/aes.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -129,21 +129,22 @@ type cbcCipher struct {
}

func newCBC(encrypt bool, alg string, key, iv []byte) *cbcCipher {
kh, err := newCipherHandle(alg, bcrypt.CHAIN_MODE_CBC, key)
if err != nil {
panic(err)
}
x := &cbcCipher{kh: kh, encrypt: encrypt}
var blockSize int
switch alg {
case bcrypt.AES_ALGORITHM:
x.blockSize = aesBlockSize
blockSize = aesBlockSize
case bcrypt.DES_ALGORITHM:
x.blockSize = desBlockSize
blockSize = desBlockSize
default:
panic("invalid algorithm: " + alg)
}
x.SetIV(iv)
kh, err := newCipherHandle(alg, bcrypt.CHAIN_MODE_CBC, key)
if err != nil {
panic(err)
}
x := &cbcCipher{kh: kh, encrypt: encrypt, blockSize: blockSize}
runtime.SetFinalizer(x, (*cbcCipher).finalize)
x.SetIV(iv)
return x
}

Expand Down

0 comments on commit 8a96154

Please sign in to comment.