Skip to content

Commit

Permalink
Fix remaining memory leaks
Browse files Browse the repository at this point in the history
  • Loading branch information
WillChilds-Klein committed Nov 11, 2024
1 parent 5e8e80d commit e2811f4
Showing 1 changed file with 31 additions and 18 deletions.
49 changes: 31 additions & 18 deletions crypto/pkcs7/pkcs7.c
Original file line number Diff line number Diff line change
Expand Up @@ -635,7 +635,7 @@ static ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7) {
}

static int pkcs7_bio_add_digest(BIO **pbio, X509_ALGOR *alg) {
BIO *btmp;
BIO *btmp = NULL;

const EVP_MD *md = EVP_get_digestbynid(OBJ_obj2nid(alg->algorithm));
if (md == NULL) {
Expand Down Expand Up @@ -742,7 +742,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) {
switch (i) {
case NID_pkcs7_signed:
md_sk = p7->d.sign->md_algs;
os = PKCS7_get_octet_string(p7->d.sign->contents);
os = PKCS7_get_octet_string(p7->d.sign->contents);
break;
case NID_pkcs7_signedAndEnveloped:
md_sk = p7->d.signed_and_enveloped->md_algs;
Expand Down Expand Up @@ -773,7 +773,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) {
break;
default:
OPENSSL_PUT_ERROR(PKCS7, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
goto err;
goto err;
}


Expand All @@ -799,6 +799,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) {
}
keylen = EVP_CIPHER_key_length(evp_cipher);
ivlen = EVP_CIPHER_iv_length(evp_cipher);
ASN1_OBJECT_free(xalg->algorithm);
xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_nid(evp_cipher));
if (ivlen > 0)
RAND_bytes(iv, ivlen);
Expand All @@ -809,17 +810,16 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) {
goto err;

if (ivlen > 0) {
ASN1_TYPE_free(xalg->parameter);
xalg->parameter = ASN1_TYPE_new();
if (xalg->parameter == NULL) {
xalg->parameter = ASN1_TYPE_new();
if (xalg->parameter == NULL) {
goto err;
}
xalg->parameter->type = V_ASN1_OCTET_STRING;
xalg->parameter->value.octet_string = ASN1_OCTET_STRING_new();
goto err;
}
xalg->parameter->type = V_ASN1_OCTET_STRING;
xalg->parameter->value.octet_string = ASN1_OCTET_STRING_new();
// TODO [childw]
if (!ASN1_OCTET_STRING_set(xalg->parameter->value.octet_string, iv, ivlen)) {
goto err;
}
if (!ASN1_OCTET_STRING_set(xalg->parameter->value.octet_string, iv, ivlen)) {
goto err;
}
}

Expand All @@ -839,8 +839,19 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) {
}

if (bio == NULL) {
if (os && os->length > 0) {
bio = BIO_new_mem_buf(os->data, os->length);
if (!PKCS7_is_detached(p7) && os && os->length > 0) {
/*
* bio needs a copy of os->data instead of a pointer because
* the data will be used after os has been freed
*/
bio = BIO_new(BIO_s_mem());
if (bio != NULL) {
BIO_set_mem_eof_return(bio, 0);
if (BIO_write(bio, os->data, os->length) != os->length) {
BIO_free_all(bio);
bio = NULL;
}
}
} else {
bio = BIO_new(BIO_s_mem());
if (bio == NULL)
Expand Down Expand Up @@ -1068,14 +1079,16 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) {
if (os == NULL) {
goto err;
}
char *cont;
long contlen;
const uint8_t *cont;
size_t contlen;
btmp = BIO_find_type(bio, BIO_TYPE_MEM);
if (btmp == NULL) {
OPENSSL_PUT_ERROR(PKCS7, PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
goto err;
}
contlen = BIO_get_mem_data(btmp, &cont);
if (!BIO_mem_contents(btmp, &cont, &contlen)) {
goto err;
}
/*
* Mark the BIO read only then we can use its copy of the data
* instead of making an extra copy.
Expand All @@ -1089,4 +1102,4 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) {
err:
EVP_MD_CTX_free(ctx_tmp);
return ret;
}
}

0 comments on commit e2811f4

Please sign in to comment.