diff options
author | Nikos <nmav@crystal.(none)> | 2008-02-17 00:18:08 +0200 |
---|---|---|
committer | Nikos <nmav@crystal.(none)> | 2008-02-17 00:18:08 +0200 |
commit | 0f9a4c351774a14085108f47f8e481f5982f1798 (patch) | |
tree | 85012871e578a17515128ff86cd08afe49613385 | |
parent | 1a9ddd6a60624d8a3ef30005462c8373d911b487 (diff) | |
download | gnutls-0f9a4c351774a14085108f47f8e481f5982f1798.tar.gz |
Corrected memory leaks in session resuming and DHE ciphersuites. Reported
by Daniel Stenberg.
-rw-r--r-- | NEWS | 3 | ||||
-rw-r--r-- | lib/auth_dh_common.c | 2 | ||||
-rw-r--r-- | lib/gnutls_auth.c | 7 | ||||
-rw-r--r-- | lib/gnutls_session.c | 12 | ||||
-rw-r--r-- | lib/gnutls_session_pack.c | 27 |
5 files changed, 19 insertions, 32 deletions
@@ -8,6 +8,9 @@ See the end for copying conditions. ** Cipher priority string handling now handle strings that starts with NULL. Thanks to Laurence Withers <l@lwithers.me.uk>. +** Corrected memory leaks in session resuming and DHE ciphersuites. Reported +by Daniel Stenberg. + ** Corrected the behaviour of gnutls_x509_crt_get_subject_alt_name() and gnutls_x509_crt_get_subject_alt_name() to not null terminate binary strings and return the proper size. diff --git a/lib/auth_dh_common.c b/lib/auth_dh_common.c index 98f9ed4084..20549ca737 100644 --- a/lib/auth_dh_common.c +++ b/lib/auth_dh_common.c @@ -164,8 +164,6 @@ _gnutls_gen_dh_common_client_kx (gnutls_session_t session, opaque ** data) goto error; } - _gnutls_dh_set_peer_public (session, session->key->client_Y); - /* THESE SHOULD BE DISCARDED */ _gnutls_mpi_release (&session->key->client_Y); _gnutls_mpi_release (&session->key->client_p); diff --git a/lib/gnutls_auth.c b/lib/gnutls_auth.c index 040bf04518..fada7f3d4a 100644 --- a/lib/gnutls_auth.c +++ b/lib/gnutls_auth.c @@ -394,14 +394,17 @@ _gnutls_auth_info_set (gnutls_session_t session, */ if (gnutls_auth_get_type (session) != session->key->auth_info_type) { + + _gnutls_free_auth_info (session); + session->key->auth_info = - gnutls_realloc_fast (session->key->auth_info, size); + calloc( 1, size); if (session->key->auth_info == NULL) { gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; } - memset (session->key->auth_info, 0, size); + session->key->auth_info_type = type; session->key->auth_info_size = size; } diff --git a/lib/gnutls_session.c b/lib/gnutls_session.c index a1cd173e61..9b2d6bcfce 100644 --- a/lib/gnutls_session.c +++ b/lib/gnutls_session.c @@ -25,6 +25,7 @@ #include "gnutls_errors.h" #include "debug.h" #include <gnutls_session_pack.h> +#include <gnutls_datum.h> /** * gnutls_session_get_data - Returns all session parameters. @@ -61,12 +62,19 @@ gnutls_session_get_data (gnutls_session_t session, *session_data_size = psession.size; if (psession.size > *session_data_size) - return GNUTLS_E_SHORT_MEMORY_BUFFER; + { + ret = GNUTLS_E_SHORT_MEMORY_BUFFER; + goto error; + } if (session_data != NULL) memcpy (session_data, psession.data, psession.size); - return 0; + ret = 0; + +error: + _gnutls_free_datum( &psession); + return ret; } /** diff --git a/lib/gnutls_session_pack.c b/lib/gnutls_session_pack.c index 9dc5ad2392..51fcf98a65 100644 --- a/lib/gnutls_session_pack.c +++ b/lib/gnutls_session_pack.c @@ -165,7 +165,7 @@ _gnutls_session_unpack (gnutls_session_t session, return GNUTLS_E_INTERNAL_ERROR; } - if (session->key->auth_info != NULL) + if (_gnutls_get_auth_info(session) != NULL) { _gnutls_free_auth_info (session); } @@ -260,13 +260,6 @@ pack_certificate_auth_info (gnutls_session_t session, int cert_size, pack_size; cert_auth_info_t info = _gnutls_get_auth_info (session); - - if (info == NULL && session->key->auth_info_size != 0) - { - gnutls_assert (); - return GNUTLS_E_INVALID_REQUEST; - } - if (info) { cert_size = 4; @@ -510,12 +503,6 @@ pack_srp_auth_info (gnutls_session_t session, gnutls_datum_t * packed_session) srp_server_auth_info_t info = _gnutls_get_auth_info (session); int pack_size; - if (info == NULL && session->key->auth_info_size != 0) - { - gnutls_assert (); - return GNUTLS_E_INVALID_REQUEST; - } - if (info && info->username) pack_size = strlen (info->username) + 1; /* include the terminating null */ else @@ -619,12 +606,6 @@ pack_anon_auth_info (gnutls_session_t session, gnutls_datum_t * packed_session) int pos = 0; size_t pack_size; - if (info == NULL && session->key->auth_info_size != 0) - { - gnutls_assert (); - return GNUTLS_E_INVALID_REQUEST; - } - if (info) pack_size = 2 + 4 * 3 + info->dh.prime.size + info->dh.generator.size + info->dh.public_key.size; @@ -783,12 +764,6 @@ pack_psk_auth_info (gnutls_session_t session, gnutls_datum_t * packed_session) info = _gnutls_get_auth_info (session); - if (info == NULL && session->key->auth_info_size != 0) - { - gnutls_assert (); - return GNUTLS_E_INVALID_REQUEST; - } - if (info) { username_size = strlen (info->username) + 1; /* include the terminating null */ |