diff options
author | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2014-01-25 03:21:38 +0400 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2014-01-27 14:32:38 +0100 |
commit | 6d87e6abdfb7552323a95401f14e6367398a3e5a (patch) | |
tree | e25343f3e31c7fa342a35ff2b9a881d2535f94b6 /cipher/ecc-curves.c | |
parent | 5d23e7b9a77421f3ebfda4a84c459a8729f3bb41 (diff) | |
download | libgcrypt-6d87e6abdfb7552323a95401f14e6367398a3e5a.tar.gz |
Fix memory leaks in ecc code
* cipher/ecc-curves.c (_gcry_ecc_update_curve_param): Release passed mpi
values.
* cipher/ecc.c (compute_keygrip): Fix potential memory leak in error
path.
* cipher/ecc.c (_gcry_ecc_get_curve): Release temporary mpi.
--
==11657== 252 (80 direct, 172 indirect) bytes in 4 blocks are definitely lost in loss record 8 of 8
==11657== at 0x4028A28: malloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==11657== by 0x404178F: _gcry_private_malloc (stdmem.c:113)
==11657== by 0x403CED1: do_malloc.constprop.4 (global.c:768)
==11657== by 0x403DD01: _gcry_xmalloc (global.c:790)
==11657== by 0x409EAE0: _gcry_mpi_alloc (mpiutil.c:84)
==11657== by 0x409C4E4: _gcry_mpi_scan (mpicoder.c:466)
==11657== by 0x404009C: _gcry_sexp_nth_mpi (sexp.c:796)
==11657== by 0x40410B5: _gcry_sexp_vextract_param (sexp.c:2327)
==11657== by 0x4041396: _gcry_sexp_extract_param (sexp.c:2378)
==11657== by 0x407B895: compute_keygrip (ecc.c:1492)
==11657== by 0x404BBE8: _gcry_pk_get_keygrip (pubkey.c:674)
==11657== by 0x403B1BF: gcry_pk_get_keygrip (visibility.c:1056)
==16502== 144 (60 direct, 84 indirect) bytes in 3 blocks are definitely lost in loss record 3 of 7
==16502== at 0x4028A28: malloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==16502== by 0x404B4DE: _gcry_private_malloc (stdmem.c:113)
==16502== by 0x404667B: do_malloc (global.c:768)
==16502== by 0x40466E7: _gcry_malloc (global.c:790)
==16502== by 0x4046A55: _gcry_xmalloc (global.c:944)
==16502== by 0x40CD25B: _gcry_mpi_alloc (mpiutil.c:84)
==16502== by 0x40CAC3E: _gcry_mpi_scan (mpicoder.c:548)
==16502== by 0x40A72B2: scanval (ecc-curves.c:432)
==16502== by 0x40A7B0D: _gcry_ecc_get_curve (ecc-curves.c:685)
==16502== by 0x4058164: _gcry_pk_get_curve (pubkey.c:747)
==16502== by 0x4043E14: gcry_pk_get_curve (visibility.c:1067)
==16502== by 0x8048934: check_matching (curves.c:124)
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Diffstat (limited to 'cipher/ecc-curves.c')
-rw-r--r-- | cipher/ecc-curves.c | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c index dc74ee01..0f622f73 100644 --- a/cipher/ecc-curves.c +++ b/cipher/ecc-curves.c @@ -575,6 +575,7 @@ _gcry_ecc_update_curve_param (const char *name, return gpg_err_code_from_syserror (); strcpy (stpcpy (stpcpy (buf, "0x04"), domain_parms[idx].g_x+2), domain_parms[idx].g_y+2); + _gcry_mpi_release (*g); *g = scanval (buf); xfree (buf); } @@ -583,13 +584,25 @@ _gcry_ecc_update_curve_param (const char *name, if (dialect) *dialect = domain_parms[idx].dialect; if (p) - *p = scanval (domain_parms[idx].p); + { + _gcry_mpi_release (*p); + *p = scanval (domain_parms[idx].p); + } if (a) - *a = scanval (domain_parms[idx].a); + { + _gcry_mpi_release (*a); + *a = scanval (domain_parms[idx].a); + } if (b) - *b = scanval (domain_parms[idx].b); + { + _gcry_mpi_release (*b); + *b = scanval (domain_parms[idx].b); + } if (n) - *n = scanval (domain_parms[idx].n); + { + _gcry_mpi_release (*n); + *n = scanval (domain_parms[idx].n); + } return 0; } @@ -669,6 +682,7 @@ _gcry_ecc_get_curve (gcry_sexp_t keyparms, int iterator, unsigned int *r_nbits) for (idx = 0; domain_parms[idx].desc; idx++) { + mpi_free (tmp); tmp = scanval (domain_parms[idx].p); if (!mpi_cmp (tmp, E.p)) { |