authorNikos Mavrogiannopoulos <nmav@gnutls.org>2004-07-09 08:31:23 +0000
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2004-07-09 08:31:23 +0000
commit02a28f31dd721574a3bd56af88f476717795c206 (patch)
tree514f40038c6fae62f045abf621b4419b2795cbb6
parenta72b1079766366cccd03997c464423c2c82608c2 (diff)
downloadgnutls-02a28f31dd721574a3bd56af88f476717795c206.tar.gz
eliminated some memory leaks. Reported by Yoann Vandoorselaere <yoann@prelude-ids.org>.
-rw-r--r--lib/gnutls_x509.c38
-rw-r--r--lib/x509/verify.c9
-rw-r--r--lib/x509/x509.c20
3 files changed, 30 insertions, 37 deletions
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c
index ff2603333d..c8d204573a 100644
--- a/lib/gnutls_x509.c
+++ b/lib/gnutls_x509.c
@@ -99,9 +99,7 @@ int _gnutls_x509_cert_verify_peers(gnutls_session session)
*/
peer_certificate_list_size = info->ncerts;
peer_certificate_list =
- gnutls_calloc(1,
- peer_certificate_list_size *
- sizeof(gnutls_x509_crt));
+ gnutls_calloc(1, peer_certificate_list_size * sizeof(gnutls_x509_crt));
if (peer_certificate_list == NULL) {
gnutls_assert();
return GNUTLS_E_MEMORY_ERROR;
@@ -117,8 +115,8 @@ int _gnutls_x509_cert_verify_peers(gnutls_session session)
ret =
gnutls_x509_crt_import(peer_certificate_list[i],
- &info->
- raw_certificate_list[i], GNUTLS_X509_FMT_DER);
+ &info->raw_certificate_list[i],
+ GNUTLS_X509_FMT_DER);
if (ret < 0) {
gnutls_assert();
CLEAR_CERTS;
@@ -130,10 +128,10 @@ int _gnutls_x509_cert_verify_peers(gnutls_session session)
*/
ret =
gnutls_x509_crt_list_verify(peer_certificate_list,
- peer_certificate_list_size,
- cred->x509_ca_list, cred->x509_ncas,
- cred->x509_crl_list, cred->x509_ncrls,
- cred->verify_flags, &verify);
+ peer_certificate_list_size,
+ cred->x509_ca_list, cred->x509_ncas,
+ cred->x509_crl_list, cred->x509_ncrls,
+ cred->verify_flags, &verify);
CLEAR_CERTS;
@@ -431,8 +429,7 @@ static int parse_pem_cert_mem( gnutls_cert** cert_list, uint* ncerts,
*cert_list =
(gnutls_cert *) gnutls_realloc_fast( *cert_list,
- i *
- sizeof(gnutls_cert));
+ i * sizeof(gnutls_cert));
if ( *cert_list == NULL) {
gnutls_assert();
@@ -448,6 +445,7 @@ static int parse_pem_cert_mem( gnutls_cert** cert_list, uint* ncerts,
gnutls_assert();
return ret;
}
+ gnutls_free( ptr2);
/* now we move ptr after the pem header
*/
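Review bot: The failure branch directly above the added `gnutls_free( ptr2);` still exits through `return ret;` without releasing `ptr2`, so the leak is closed only on the success path. If `ptr2` is already allocated at that point (its allocation is outside the hunk), free it there as well: `gnutls_assert(); gnutls_free( ptr2); return ret;`. The same question applies to the `*cert_list == NULL` return in the preceding hunk of `parse_pem_cert_mem`, whose body starts and ends outside the hunk. Malformed PEM input takes these error paths, so they deserve the same care as the success path.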
@@ -925,7 +923,6 @@ int gnutls_certificate_set_x509_key_file(gnutls_certificate_credentials res, con
static int generate_rdn_seq( gnutls_certificate_credentials res)
{
gnutls_datum tmp;
-gnutls_datum _tmp;
int ret;
uint size, i;
opaque *pdata;
@@ -943,12 +940,13 @@ opaque *pdata;
size = 0;
for (i = 0; i < res->x509_ncas; i++) {
- if ((ret = _gnutls_x509_crt_get_raw_issuer_dn(
- res->x509_ca_list[i], &tmp)) < 0) {
+ ret = _gnutls_x509_crt_get_raw_issuer_dn( res->x509_ca_list[i], &tmp);
+ if (ret < 0) {
gnutls_assert();
return ret;
}
size += (2 + tmp.size);
+ _gnutls_free_datum( &tmp);
}
if (res->x509_rdn_sequence.data != NULL)
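Review bot: Nothing in the sizing loop says that `tmp` is now heap-allocated, so the release after `size += (2 + tmp.size);` is easy to lose in a later edit. A one-line comment above the call would record the ownership: `/* tmp is allocated by the callee; release it every iteration */`. Separately, `size` is a `uint` that accumulates `2 + tmp.size` with no upper bound, while the name `_gnutls_write_datum16` in the fill loop suggests each entry carries a 16-bit length. A check that `tmp.size` fits in 16 bits would keep the two consistent. `generate_rdn_seq` continues outside the hunk.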
@@ -964,8 +962,8 @@ opaque *pdata;
pdata = res->x509_rdn_sequence.data;
for (i = 0; i < res->x509_ncas; i++) {
- if ((ret = _gnutls_x509_crt_get_raw_issuer_dn(
- res->x509_ca_list[i], &tmp)) < 0) {
+ ret = _gnutls_x509_crt_get_raw_issuer_dn( res->x509_ca_list[i], &tmp);
+ if (ret < 0) {
gnutls_free(res->x509_rdn_sequence.data);
res->x509_rdn_sequence.size = 0;
res->x509_rdn_sequence.data = NULL;
@@ -973,10 +971,9 @@ opaque *pdata;
return ret;
}
- _tmp.data = (opaque*) tmp.data;
- _tmp.size = tmp.size;
- _gnutls_write_datum16(pdata, _tmp);
+ _gnutls_write_datum16(pdata, tmp);
pdata += (2 + tmp.size);
+ _gnutls_free_datum( &tmp);
}
return 0;
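Review bot: The fill loop advances `pdata` by `2 + tmp.size` taken from a second call to `_gnutls_x509_crt_get_raw_issuer_dn`, while the buffer was sized from the first loop's results; nothing visible checks that the two passes agree. They should agree for an unchanged CA list, but a bounds check before `_gnutls_write_datum16(pdata, tmp);` would turn a mismatch into an error return instead of a write past the allocation (the allocation itself is outside the hunk). Keeping the DNs from the first pass instead of fetching them twice would also avoid the second allocation per CA.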
@@ -1065,8 +1062,7 @@ static int parse_pem_ca_mem( gnutls_x509_crt** cert_list, uint* ncerts,
*cert_list =
(gnutls_x509_crt *) gnutls_realloc_fast( *cert_list,
- i *
- sizeof(gnutls_x509_crt));
+ i * sizeof(gnutls_x509_crt));
if ( *cert_list == NULL) {
gnutls_assert();
diff --git a/lib/x509/verify.c b/lib/x509/verify.c
index 44a152b7d3..e96a798fb6 100644
--- a/lib/x509/verify.c
+++ b/lib/x509/verify.c
@@ -278,10 +278,9 @@ cleanup:
*/
static
unsigned int _gnutls_x509_verify_certificate(gnutls_x509_crt * certificate_list,
- int clist_size,
- gnutls_x509_crt * trusted_cas,
- int tcas_size, gnutls_x509_crl *CRLs,
- int crls_size, unsigned int flags)
+ int clist_size, gnutls_x509_crt * trusted_cas,
+ int tcas_size, gnutls_x509_crl *CRLs,
+ int crls_size, unsigned int flags)
{
int i = 0, ret;
unsigned int status = 0, output;
@@ -306,7 +305,7 @@ unsigned int _gnutls_x509_verify_certificate(gnutls_x509_crt * certificate_list,
if ((ret =
_gnutls_verify_certificate2(certificate_list[i],
- &certificate_list[i + 1], 1, flags, NULL)) != 1)
+ &certificate_list[i + 1], 1, flags, NULL)) != 1)
{
status |= GNUTLS_CERT_INVALID;
}
diff --git a/lib/x509/x509.c b/lib/x509/x509.c
index 5d8ce24a22..1fecb3f963 100644
--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
@@ -1075,7 +1075,7 @@ int _gnutls_x509_crt_get_raw_dn2( gnutls_x509_crt cert,
ASN1_TYPE c2 = ASN1_TYPE_EMPTY;
int result, len1;
int start1, end1;
- gnutls_datum signed_data;
+ gnutls_datum signed_data = { NULL, 0 };
/* get the issuer of 'cert'
*/
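Review bot: The reason for the new initializer on `signed_data` is not recorded next to it. Judging by the `cleanup:` label named in the next hunk header, `signed_data` is presumably released on paths that can be reached before it is filled; the function body is outside the hunk, so this should be confirmed. A short comment such as `/* initialised so that cleanup can free it unconditionally */` would keep a later edit from dropping it.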
@@ -1125,35 +1125,33 @@ cleanup:
/*-
* _gnutls_x509_crt_get_raw_issuer_dn - This function returns the issuer's DN DER encoded
* @cert: should contain a gnutls_x509_crt structure
- * @start: will hold the starting point of the DN
+ * @dn: will hold the allocated data with the DN
*
- * This function will return a pointer to the DER encoded DN structure and
- * the length.
+ * This function will allocate data and return the DER encoded DN structure.
*
* Returns 0 on success or a negative value on error.
*
-*/
int _gnutls_x509_crt_get_raw_issuer_dn( gnutls_x509_crt cert,
- gnutls_datum* start)
+ gnutls_datum* dn)
{
- return _gnutls_x509_crt_get_raw_dn2( cert, "issuer", start);
+ return _gnutls_x509_crt_get_raw_dn2( cert, "issuer", dn);
}
/*-
* _gnutls_x509_crt_get_raw_dn - This function returns the subject's DN DER encoded
* @cert: should contain a gnutls_x509_crt structure
- * @start: will hold the starting point of the DN
+ * @dn: will hold the allocated data with the DN
*
- * This function will return a pointer to the DER encoded DN structure and
- * the length.
+ * This function will allocate data and return the DER encoded DN structure.
*
* Returns 0 on success, or a negative value on error.
*
-*/
int _gnutls_x509_crt_get_raw_dn( gnutls_x509_crt cert,
- gnutls_datum * start)
+ gnutls_datum * dn)
{
- return _gnutls_x509_crt_get_raw_dn2( cert, "subject", start);
+ return _gnutls_x509_crt_get_raw_dn2( cert, "subject", dn);
}
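Review bot: The updated doc comments say the function "will allocate data" but not who releases it or how. Callers in this commit use `_gnutls_free_datum( &tmp);`, so both comment blocks should state it, e.g. ` * The caller must release @dn with _gnutls_free_datum().`. They should also say whether `@dn` is left untouched on a negative return, since callers such as `generate_rdn_seq` return without freeing in that case. Any caller of `_gnutls_x509_crt_get_raw_dn` or `_gnutls_x509_crt_get_raw_issuer_dn` not touched by this commit would now leak, or keep treating the data as borrowed, so those call sites are worth auditing.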