diff options
author | Miloslav Trmač <mitr@redhat.com> | 2010-12-13 23:32:38 +0200 |
---|---|---|
committer | Matěj Cepl <mcepl@cepl.eu> | 2015-10-13 15:23:20 +0200 |
commit | 970bebc723f53477c34570a84742fd1d5a0fccc9 (patch) | |
tree | 993b06f8c6edfaa57475f412f22329e4252a2fd3 | |
parent | e5beb894caf9ed629fde67ca5bf39e7518f49c28 (diff) | |
download | m2crypto-970bebc723f53477c34570a84742fd1d5a0fccc9.tar.gz |
Memory leak in SWIG/_aes.i: AES_crypt
See https://bugzilla.redhat.com/show_bug.cgi?id=659881 for more
information.
A buffer out is malloced in the size of the encrypted cipherstring, but
never freed.
-rw-r--r-- | SWIG/_aes.i | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/SWIG/_aes.i b/SWIG/_aes.i index 013531b..3977cfe 100644 --- a/SWIG/_aes.i +++ b/SWIG/_aes.i @@ -64,6 +64,7 @@ PyObject *AES_crypt(const AES_KEY *key, PyObject *in, int outlen, int op) { const void *buf; Py_ssize_t len; unsigned char *out; + PyObject *res; if (PyObject_AsReadBuffer(in, &buf, &len) == -1) return NULL; @@ -76,7 +77,9 @@ PyObject *AES_crypt(const AES_KEY *key, PyObject *in, int outlen, int op) { AES_encrypt((const unsigned char *)in, out, key); else AES_decrypt((const unsigned char *)in, out, key); - return PyString_FromStringAndSize((char*)out, outlen); + res = PyString_FromStringAndSize((char*)out, outlen); + PyMem_Free(out); + return res; } int AES_type_check(AES_KEY *key) { |