gh-145200: Fix EVP_MAC_CTX leak in hashlib HMAC on init failure

raminfp · raminfp · commit 997dbdcacad1 · 2026-02-25T12:04:13.000+03:30
diff --git a/Lib/test/test_hmac.py b/Lib/test/test_hmac.py
@@ -1024,6 +1024,14 @@ def test_hmac_digest_digestmod_parameter(self):
             ):
                 self.hmac_digest(b'key', b'msg', value)
 
+    def test_hmac_new_xof_digestmod(self):
+        # gh-145200: XOF digests (SHAKE) are not supported by HMAC.
+        # Verify that the error path does not leak the EVP_MAC_CTX.
+        for xof_name in ('shake_128', 'shake_256'):
+            with self.subTest(digestmod=xof_name):
+                with self.assertRaises(_hashlib.UnsupportedDigestmodError):
+                    self.hmac_new(b'key', digestmod=xof_name)
+
 
 class BuiltinConstructorTestCase(ThroughBuiltinAPIMixin,
                                  ExtensionConstructorTestCaseMixin,
diff --git a/Misc/NEWS.d/next/Library/2026-02-25-10-00-00.gh-issue-145200.m_4PAtcI.rst b/Misc/NEWS.d/next/Library/2026-02-25-10-00-00.gh-issue-145200.m_4PAtcI.rst
@@ -0,0 +1,3 @@
+Fix memory leak in :mod:`hashlib` HMAC when ``EVP_MAC_init()`` or
+``HMAC_Init_ex()`` fails (e.g., with an XOF digest such as SHAKE). The
+``EVP_MAC_CTX`` is now freed on the error path.
diff --git a/Modules/_hashopenssl.c b/Modules/_hashopenssl.c
@@ -2103,6 +2103,7 @@ hashlib_HMAC_CTX_new_from_digestmod(_hashlibstate *state,
     PY_EVP_MD_free(md);
 #endif
     if (r == 0) {
+        hashlib_openssl_HMAC_CTX_free(ctx);
         if (is_xof) {
             /* use a better default error message if an XOF is used */
             raise_unsupported_algorithm_error(state, digestmod);

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	+Fix memory leak in :mod:`hashlib` HMAC when ``EVP_MAC_init()`` or
	`2`	+``HMAC_Init_ex()`` fails (e.g., with an XOF digest such as SHAKE). The
	`3`	+``EVP_MAC_CTX`` is now freed on the error path.