authorNikos Mavrogiannopoulos <nmav@gnutls.org>2011-04-08 15:38:42 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2011-04-08 15:44:46 +0200
commit029c4260bd3e0bd444ac0ca473386f7ef57470ec (patch)
treeb70a73f90d0a621671c5a5faa2ab502f52f0f531
parent1e4e52ea7fdeea7d21c1c4c79683a474ba54a912 (diff)
Corrected memory leaks.
-rw-r--r--NEWS2
-rw-r--r--lib/auth_dh_common.c3
-rw-r--r--lib/gnutls_privkey.c6
-rw-r--r--lib/gnutls_x509.c1
-rw-r--r--lib/nettle/pk.c45
-rw-r--r--lib/pakchois/pakchois.c14
-rw-r--r--lib/pakchois/pakchois.h2
-rw-r--r--lib/pkcs11.c1
-rw-r--r--tests/mini-x509.c1
9 files changed, 45 insertions, 30 deletions
diff --git a/NEWS b/NEWS
index 23c6a01e3c..13db59b833 100644
--- a/NEWS
+++ b/NEWS
@@ -7,7 +7,7 @@ See the end for copying conditions.
** libgnutls: Several updates and fixes for win32. Patches by LRN.
-** libgnutls: Several bug fixes.
+** libgnutls: Several bug and memory leak fixes.
** srptool: Accepts the -d option to enable debugging.
diff --git a/lib/auth_dh_common.c b/lib/auth_dh_common.c
index 5df743e857..ea9062c5cf 100644
--- a/lib/auth_dh_common.c
+++ b/lib/auth_dh_common.c
@@ -162,7 +162,6 @@ _gnutls_gen_dh_common_client_kx_int (gnutls_session_t session, opaque ** data, g
session->key->KEY =
gnutls_calc_dh_key (session->key->client_Y, x, session->key->client_p);
- _gnutls_mpi_release (&x);
if (session->key->KEY == NULL)
{
gnutls_assert ();
@@ -204,7 +203,7 @@ _gnutls_gen_dh_common_client_kx_int (gnutls_session_t session, opaque ** data, g
goto error;
}
- return n_X + 2;
+ ret = n_X + 2;
error:
_gnutls_mpi_release (&x);
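Review bot: The `error:` label is now also the normal exit, because `ret = n_X + 2;` falls straight into it, so the name suggests that success returns somewhere else. Rename it to `cleanup:` or put `/* common exit: x, the secret exponent passed to gnutls_calc_dh_key, is released on every path */` above it. The statement that follows `_gnutls_mpi_release (&x);` is outside the hunk, so confirm it returns `ret` and not a fixed error code. The `rsa_fail:` and `dsa_fail:` labels added in lib/nettle/pk.c have the same shape and would benefit from the same rename or comment.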
diff --git a/lib/gnutls_privkey.c b/lib/gnutls_privkey.c
index 9ecba26d6d..9597572312 100644
--- a/lib/gnutls_privkey.c
+++ b/lib/gnutls_privkey.c
@@ -272,12 +272,12 @@ gnutls_privkey_deinit (gnutls_privkey_t key)
{
#ifdef ENABLE_OPENPGP
case GNUTLS_PRIVKEY_OPENPGP:
- return gnutls_openpgp_privkey_deinit (key->key.openpgp);
+ gnutls_openpgp_privkey_deinit (key->key.openpgp);
#endif
case GNUTLS_PRIVKEY_PKCS11:
- return gnutls_pkcs11_privkey_deinit (key->key.pkcs11);
+ gnutls_pkcs11_privkey_deinit (key->key.pkcs11);
case GNUTLS_PRIVKEY_X509:
- return gnutls_x509_privkey_deinit (key->key.x509);
+ gnutls_x509_privkey_deinit (key->key.x509);
}
gnutls_free (key);
}
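Review bot: Dropping `return` from the three cases without adding `break;` makes the switch fall through: a `GNUTLS_PRIVKEY_PKCS11` key now also reaches `gnutls_x509_privkey_deinit (key->key.x509)`, and with `ENABLE_OPENPGP` an OpenPGP key runs all three deinit calls. If `key->key` is a union (its declaration is not in the hunk), the later calls free the same storage through the wrong type, which is an invalid or double free on private-key state. Add `break;` after each call, e.g. `gnutls_pkcs11_privkey_deinit (key->key.pkcs11); break;`, so that only the matching deinit runs before `gnutls_free (key);`. The `switch` statement itself starts above the hunk.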
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c
index 36f304a116..ee5872f096 100644
--- a/lib/gnutls_x509.c
+++ b/lib/gnutls_x509.c
@@ -850,7 +850,6 @@ certificate_credentials_append_pkey (gnutls_certificate_credentials_t res,
gnutls_assert ();
return GNUTLS_E_MEMORY_ERROR;
}
-
res->pkey[res->ncerts] = pkey;
return 0;
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index 5a57b14e5d..9af3739e68 100644
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
@@ -225,7 +225,7 @@ _wrap_nettle_pk_decrypt (gnutls_pk_algorithm_t algo,
return GNUTLS_E_MEMORY_ERROR;
}
- rsa_private_key_init (&priv);
+ memset(&priv, 0, sizeof(priv));
_rsa_params_to_privkey (pk_params, &priv);
rsa_compute_root (&priv, TOMPZ (nc), TOMPZ (nc));
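Review bot: Nothing at `memset(&priv, 0, sizeof(priv));` records why the nettle initialiser was dropped, so a later maintainer could restore `rsa_private_key_init` or add a matching `rsa_private_key_clear`. Presumably `_rsa_params_to_privkey` copies the big-number structs out of `pk_params` by value, so `priv` only borrows the key's storage and must never be initialised or cleared on its own; if that is right, add `/* priv aliases pk_params: do not init or clear it here */` above the memset. The same comment belongs at the memsets added in both branches of `_wrap_nettle_pk_sign` and in `_wrap_nettle_pk_verify`. The new calls also omit the space before the parenthesis that the surrounding code uses (`memcpy (&sig.r, ...)`).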
@@ -278,8 +278,8 @@ _wrap_nettle_pk_sign (gnutls_pk_algorithm_t algo,
struct dsa_signature sig;
int hash_len;
- dsa_public_key_init (&pub);
- dsa_private_key_init (&priv);
+ memset(&priv, 0, sizeof(priv));
+ memset(&pub, 0, sizeof(pub));
_dsa_params_to_pubkey (pk_params, &pub);
_dsa_params_to_privkey (pk_params, &priv);
@@ -327,7 +327,7 @@ _wrap_nettle_pk_sign (gnutls_pk_algorithm_t algo,
return GNUTLS_E_MPI_SCAN_FAILED;
}
- rsa_private_key_init (&priv);
+ memset(&priv, 0, sizeof(priv));
_rsa_params_to_privkey (pk_params, &priv);
nc = rsa_blind (hash, pk_params->params[1] /*e */ ,
@@ -338,7 +338,8 @@ _wrap_nettle_pk_sign (gnutls_pk_algorithm_t algo,
if (nc == NULL)
{
gnutls_assert ();
- return GNUTLS_E_MEMORY_ERROR;
+ ret = GNUTLS_E_MEMORY_ERROR;
+ goto rsa_fail;
}
rsa_compute_root (&priv, TOMPZ (nc), TOMPZ (nc));
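Review bot: The new `goto rsa_fail` runs `_gnutls_mpi_release (&ri)` on the path where `rsa_blind` returned NULL, and the hunk does not show whether `ri` holds a defined value in that case. If `rsa_blind` can fail before storing to `ri`, the shared cleanup releases an uninitialised pointer; setting `ri = NULL;` before the `rsa_blind` call (or at its declaration) makes the label safe on every path. The declaration of `ri` and the body of `rsa_blind` are outside the hunk, so this needs checking there.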
@@ -346,6 +347,8 @@ _wrap_nettle_pk_sign (gnutls_pk_algorithm_t algo,
rsa_unblind (nc, ri, pk_params->params[0] /*m */ );
ret = _gnutls_mpi_dprint (nc, signature);
+
+rsa_fail:
_gnutls_mpi_release (&nc);
_gnutls_mpi_release (&ri);
@@ -421,7 +424,7 @@ _wrap_nettle_pk_verify (gnutls_pk_algorithm_t algo,
gnutls_assert ();
goto cleanup;
}
- dsa_public_key_init (&pub);
+ memset(&pub, 0, sizeof(pub));
_dsa_params_to_pubkey (pk_params, &pub);
memcpy (&sig.r, tmp[0], sizeof (sig.r));
memcpy (&sig.s, tmp[1], sizeof (sig.s));
@@ -490,6 +493,8 @@ wrap_nettle_pk_generate_params (gnutls_pk_algorithm_t algo,
int ret, i;
int q_bits;
+ memset(params, 0, sizeof(*params));
+
switch (algo)
{
@@ -514,7 +519,8 @@ wrap_nettle_pk_generate_params (gnutls_pk_algorithm_t algo,
if (ret != 1)
{
gnutls_assert ();
- return GNUTLS_E_INTERNAL_ERROR;
+ ret = GNUTLS_E_INTERNAL_ERROR;
+ goto dsa_fail;
}
params->params_nr = 0;
@@ -524,21 +530,25 @@ wrap_nettle_pk_generate_params (gnutls_pk_algorithm_t algo,
if (params->params[i] == NULL)
{
ret = GNUTLS_E_MEMORY_ERROR;
- dsa_private_key_clear (&priv);
- dsa_public_key_clear (&pub);
- goto fail;
+ goto dsa_fail;
}
params->params_nr++;
}
+
+ ret = 0;
_gnutls_mpi_set (params->params[0], pub.p);
_gnutls_mpi_set (params->params[1], pub.q);
_gnutls_mpi_set (params->params[2], pub.g);
_gnutls_mpi_set (params->params[3], pub.y);
_gnutls_mpi_set (params->params[4], priv.x);
+dsa_fail:
dsa_private_key_clear (&priv);
dsa_public_key_clear (&pub);
+ if (ret < 0)
+ goto fail;
+
break;
}
case GNUTLS_PK_RSA:
@@ -557,7 +567,8 @@ wrap_nettle_pk_generate_params (gnutls_pk_algorithm_t algo,
if (ret != 1)
{
gnutls_assert ();
- return GNUTLS_E_INTERNAL_ERROR;
+ ret = GNUTLS_E_INTERNAL_ERROR;
+ goto rsa_fail;
}
params->params_nr = 0;
@@ -567,13 +578,14 @@ wrap_nettle_pk_generate_params (gnutls_pk_algorithm_t algo,
if (params->params[i] == NULL)
{
ret = GNUTLS_E_MEMORY_ERROR;
- rsa_private_key_clear (&priv);
- rsa_public_key_clear (&pub);
- goto fail;
+ goto rsa_fail;
}
params->params_nr++;
}
+
+ ret = 0;
+
_gnutls_mpi_set (params->params[0], pub.n);
_gnutls_mpi_set (params->params[1], pub.e);
_gnutls_mpi_set (params->params[2], priv.d);
@@ -582,9 +594,14 @@ wrap_nettle_pk_generate_params (gnutls_pk_algorithm_t algo,
_gnutls_mpi_set (params->params[5], priv.c);
_gnutls_mpi_set (params->params[6], priv.a);
_gnutls_mpi_set (params->params[7], priv.b);
+
+rsa_fail:
rsa_private_key_clear (&priv);
rsa_public_key_clear (&pub);
+ if (ret < 0)
+ goto fail;
+
break;
}
default:
diff --git a/lib/pakchois/pakchois.c b/lib/pakchois/pakchois.c
index e2ffe0fd47..decd752c07 100644
--- a/lib/pakchois/pakchois.c
+++ b/lib/pakchois/pakchois.c
@@ -581,18 +581,14 @@ pakchois_module_destroy (pakchois_module_t * mod)
free (mod);
}
-#ifdef __GNUC__
-static void pakchois_destructor (void) __attribute__ ((destructor));
-
-static void
-pakchois_destructor (void)
+void pakchois_destructor (void)
{
if (provider_mutex != NULL)
- gnutls_mutex_deinit (&provider_mutex);
+ {
+ gnutls_mutex_deinit (&provider_mutex);
+ provider_mutex = NULL;
+ }
}
-#else
-#warning need destructor support
-#endif
ck_rv_t
pakchois_get_info (pakchois_module_t * mod, struct ck_info *info)
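Review bot: Resetting `provider_mutex = NULL` in `pakchois_destructor` is only safe if the module-load path re-creates the mutex when it finds it NULL, and that code is not in the hunk. The function used to run once at process exit through `__attribute__ ((destructor))`; it is now called from `gnutls_pkcs11_deinit`, so a program that deinitialises PKCS #11 and later loads a provider again would reach the lock with a destroyed mutex unless the mutex is initialised lazily. Confirm the load path checks `provider_mutex == NULL` before locking. Non-GCC builds previously got `#warning need destructor support`; with the attribute gone, the mutex is released only when the application calls the deinit function, which is worth stating in the NEWS entry.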
diff --git a/lib/pakchois/pakchois.h b/lib/pakchois/pakchois.h
index a7f8069fcd..16558ef034 100644
--- a/lib/pakchois/pakchois.h
+++ b/lib/pakchois/pakchois.h
@@ -96,6 +96,8 @@ ck_rv_t pakchois_module_nssload_abs (pakchois_module_t ** module,
/* Destroy a PKCS#11 module. */
void pakchois_module_destroy (pakchois_module_t * module);
+void pakchois_destructor (void);
+
/* Return the error string corresponding to the given return value.
* Never returns NULL. */
const char *pakchois_error (ck_rv_t rv);
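Review bot: `pakchois_destructor` is declared without a comment, while the neighbouring declarations each carry one, and the name gives no hint of what the caller must guarantee. Something like `/* Release the global provider mutex. Call only after every module has been destroyed. */` above the prototype would document the contract. As far as the pakchois.c hunk shows, nothing serialises this call against other threads using the library, so the comment should say whether concurrent use is allowed.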
diff --git a/lib/pkcs11.c b/lib/pkcs11.c
index 2285ce8ba0..81c043b1e0 100644
--- a/lib/pkcs11.c
+++ b/lib/pkcs11.c
@@ -456,6 +456,7 @@ gnutls_pkcs11_deinit (void)
pakchois_module_destroy (providers[i].module);
}
active_providers = 0;
+ pakchois_destructor();
}
/**
diff --git a/tests/mini-x509.c b/tests/mini-x509.c
index 8b57ca8441..9a1b4e80ba 100644
--- a/tests/mini-x509.c
+++ b/tests/mini-x509.c
@@ -236,6 +236,7 @@ main (int argc, char *argv[])
free (to_client);
gnutls_certificate_free_credentials (serverx509cred);
+ gnutls_certificate_free_credentials (clientx509cred);
gnutls_global_deinit ();