Details
Description
- This holds for XML Security C++ 1.2.1 *
(I was unable to choose that version in Bugzilla)
—
In the file OpenSSLCryptoHashHMAC.cpp the destructor should be changed from
simply (line 136):
OpenSSLCryptoHashHMAC::~OpenSSLCryptoHashHMAC() {}
to
OpenSSLCryptoHashHMAC::~OpenSSLCryptoHashHMAC() {
HMAC_CTX_cleanup(&m_hctx);
}
Otherwise a leak occurs each time an HMAC signed signature is verified.