From 0ded7039fab314afb7cbaf36b52209f253c05539 Mon Sep 17 00:00:00 2001
From: Daniel Gustafsson <dgustafsson@postgresql.org>
Date: Fri, 1 Oct 2021 22:47:05 +0200
Subject: [PATCH] Fix memory leak in pg_hmac

The intermittent h buffer was not freed, causing it to leak. Backpatch
through 14 where HMAC was refactored to the current API.

Author: Sergey Shinderuk <s.shinderuk@postgrespro.ru>
Discussion: https://postgr.es/m/af07e620-7e28-a742-4637-2bc44aa7c2be@postgrespro.ru
Backpatch-through: 14
---
 src/common/hmac.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/common/hmac.c b/src/common/hmac.c
index 1089db6744..bfe2e7cb5e 100644
--- a/src/common/hmac.c
+++ b/src/common/hmac.c
@@ -232,7 +232,10 @@ pg_hmac_final(pg_hmac_ctx *ctx, uint8 *dest, size_t len)
 	memset(h, 0, ctx->digest_size);
 
 	if (pg_cryptohash_final(ctx->hash, h, ctx->digest_size) < 0)
+	{
+		FREE(h);
 		return -1;
+	}
 
 	/* H(K XOR opad, tmp) */
 	if (pg_cryptohash_init(ctx->hash) < 0 ||
@@ -240,9 +243,11 @@ pg_hmac_final(pg_hmac_ctx *ctx, uint8 *dest, size_t len)
 		pg_cryptohash_update(ctx->hash, h, ctx->digest_size) < 0 ||
 		pg_cryptohash_final(ctx->hash, dest, len) < 0)
 	{
+		FREE(h);
 		return -1;
 	}
 
+	FREE(h);
 	return 0;
 }