wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 20:24:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix possible memory leak in DSA and ECC (mp_clear should always be called since async was implemented… even for fast math). Fix dynamic type mismatch in PKCS7.

Browse Source
This commit is contained in:
David Garske
2017-06-14 12:00:06 -07:00
parent 68439d4317
commit 73567853d3
3 changed files with 22 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
wolfcrypt/src/dsa.c
View File

@@ -90,13 +90,11 @@ void wc_FreeDsaKey(DsaKey* key)
if (key->type == DSA_PRIVATE) if (key->type == DSA_PRIVATE)
mp_forcezero(&key->x); mp_forcezero(&key->x);
#ifndef USE_FAST_MATH
mp_clear(&key->x); mp_clear(&key->x);
mp_clear(&key->y); mp_clear(&key->y);
mp_clear(&key->g); mp_clear(&key->g);
mp_clear(&key->q); mp_clear(&key->q);
mp_clear(&key->p); mp_clear(&key->p);
#endif
} }
#ifdef WOLFSSL_KEY_GEN #ifdef WOLFSSL_KEY_GEN

2
wolfcrypt/src/ecc.c
View File

@@ -2583,10 +2583,8 @@ static int wc_ecc_cmp_param(const char* curveParam,
} }
} }
#ifndef USE_FAST_MATH
mp_clear(&a); mp_clear(&a);
mp_clear(&b); mp_clear(&b);
#endif
return err; return err;
} }

44
wolfcrypt/src/pkcs7.c
View File

@@ -1033,7 +1033,7 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
} }
flatSignedAttribs = (byte*)XMALLOC(esd->signedAttribsSz, pkcs7->heap, flatSignedAttribs = (byte*)XMALLOC(esd->signedAttribsSz, pkcs7->heap,
DYNAMIC_TYPE_PKCS); DYNAMIC_TYPE_PKCS7);
flatSignedAttribsSz = esd->signedAttribsSz; flatSignedAttribsSz = esd->signedAttribsSz;
if (flatSignedAttribs == NULL) { if (flatSignedAttribs == NULL) {
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
@@ -1053,7 +1053,7 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
flatSignedAttribsSz, esd); flatSignedAttribsSz, esd);
if (ret < 0) { if (ret < 0) {
if (pkcs7->signedAttribsSz != 0) if (pkcs7->signedAttribsSz != 0)
XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS); XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif
@@ -1095,7 +1095,7 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
if (outputSz < totalSz) { if (outputSz < totalSz) {
if (pkcs7->signedAttribsSz != 0) if (pkcs7->signedAttribsSz != 0)
XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS); XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif
@@ -1154,7 +1154,7 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
idx += esd->signedAttribSetSz; idx += esd->signedAttribSetSz;
XMEMCPY(output + idx, flatSignedAttribs, flatSignedAttribsSz); XMEMCPY(output + idx, flatSignedAttribs, flatSignedAttribsSz);
idx += flatSignedAttribsSz; idx += flatSignedAttribsSz;
XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS); XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
} }
XMEMCPY(output + idx, esd->digEncAlgoId, esd->digEncAlgoIdSz); XMEMCPY(output + idx, esd->digEncAlgoId, esd->digEncAlgoIdSz);
@@ -4168,7 +4168,7 @@ int wc_PKCS7_EncodeEncryptedData(PKCS7* pkcs7, byte* output, word32 outputSz)
attribs = (EncodedAttrib*)XMALLOC( attribs = (EncodedAttrib*)XMALLOC(
sizeof(EncodedAttrib) * pkcs7->unprotectedAttribsSz, sizeof(EncodedAttrib) * pkcs7->unprotectedAttribsSz,
pkcs7->heap, DYNAMIC_TYPE_PKCS); pkcs7->heap, DYNAMIC_TYPE_PKCS7);
if (attribs == NULL) { if (attribs == NULL) {
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
@@ -4180,9 +4180,9 @@ int wc_PKCS7_EncodeEncryptedData(PKCS7* pkcs7, byte* output, word32 outputSz)
pkcs7->unprotectedAttribs, pkcs7->unprotectedAttribs,
pkcs7->unprotectedAttribsSz); pkcs7->unprotectedAttribsSz);
flatAttribs = (byte*)XMALLOC(attribsSz, pkcs7->heap, DYNAMIC_TYPE_PKCS); flatAttribs = (byte*)XMALLOC(attribsSz, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
if (flatAttribs == NULL) { if (flatAttribs == NULL) {
XFREE(attribs, pkcs7->heap, DYNAMIC_TYPE_PKCS); XFREE(attribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return MEMORY_E; return MEMORY_E;
@@ -4217,8 +4217,8 @@ int wc_PKCS7_EncodeEncryptedData(PKCS7* pkcs7, byte* output, word32 outputSz)
if (totalSz > (int)outputSz) { if (totalSz > (int)outputSz) {
WOLFSSL_MSG("PKCS#7 output buffer too small"); WOLFSSL_MSG("PKCS#7 output buffer too small");
if (pkcs7->unprotectedAttribsSz != 0) { if (pkcs7->unprotectedAttribsSz != 0) {
XFREE(attribs, pkcs7->heap, DYNAMIC_TYPE_PKCS); XFREE(attribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
XFREE(flatAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS); XFREE(flatAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
} }
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
@@ -4255,8 +4255,8 @@ int wc_PKCS7_EncodeEncryptedData(PKCS7* pkcs7, byte* output, word32 outputSz)
idx += attribsSetSz; idx += attribsSetSz;
XMEMCPY(output + idx, flatAttribs, attribsSz); XMEMCPY(output + idx, flatAttribs, attribsSz);
idx += attribsSz; idx += attribsSz;
XFREE(attribs, pkcs7->heap, DYNAMIC_TYPE_PKCS); XFREE(attribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
XFREE(flatAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS); XFREE(flatAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
} }
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
@@ -4298,7 +4298,7 @@ static int wc_PKCS7_DecodeUnprotectedAttributes(PKCS7* pkcs7, byte* pkiMsg,
savedIdx = idx; savedIdx = idx;
attrib = (PKCS7DecodedAttrib*)XMALLOC(sizeof(PKCS7DecodedAttrib), attrib = (PKCS7DecodedAttrib*)XMALLOC(sizeof(PKCS7DecodedAttrib),
pkcs7->heap, DYNAMIC_TYPE_PKCS); pkcs7->heap, DYNAMIC_TYPE_PKCS7);
if (attrib == NULL) { if (attrib == NULL) {
return MEMORY_E; return MEMORY_E;
} }
@@ -4306,38 +4306,38 @@ static int wc_PKCS7_DecodeUnprotectedAttributes(PKCS7* pkcs7, byte* pkiMsg,
/* save attribute OID bytes and size */ /* save attribute OID bytes and size */
if (GetObjectId(pkiMsg, &idx, &oid, oidIgnoreType, pkiMsgSz) < 0) { if (GetObjectId(pkiMsg, &idx, &oid, oidIgnoreType, pkiMsgSz) < 0) {
XFREE(attrib, pkcs7->heap, DYNAMIC_TYPE_PKCS); XFREE(attrib, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return ASN_PARSE_E; return ASN_PARSE_E;
} }
attrib->oidSz = idx - savedIdx; attrib->oidSz = idx - savedIdx;
attrib->oid = (byte*)XMALLOC(attrib->oidSz, pkcs7->heap, attrib->oid = (byte*)XMALLOC(attrib->oidSz, pkcs7->heap,
DYNAMIC_TYPE_PKCS); DYNAMIC_TYPE_PKCS7);
if (attrib->oid == NULL) { if (attrib->oid == NULL) {
XFREE(attrib, pkcs7->heap, DYNAMIC_TYPE_PKCS); XFREE(attrib, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return MEMORY_E; return MEMORY_E;
} }
XMEMCPY(attrib->oid, pkiMsg + savedIdx, attrib->oidSz); XMEMCPY(attrib->oid, pkiMsg + savedIdx, attrib->oidSz);
/* save attribute value bytes and size */ /* save attribute value bytes and size */
if (GetSet(pkiMsg, &idx, &length, pkiMsgSz) < 0) { if (GetSet(pkiMsg, &idx, &length, pkiMsgSz) < 0) {
XFREE(attrib->oid, pkcs7->heap, DYNAMIC_TYPE_PKCS); XFREE(attrib->oid, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
XFREE(attrib, pkcs7->heap, DYNAMIC_TYPE_PKCS); XFREE(attrib, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return ASN_PARSE_E; return ASN_PARSE_E;
} }
if ((pkiMsgSz - idx) < (word32)length) { if ((pkiMsgSz - idx) < (word32)length) {
XFREE(attrib->oid, pkcs7->heap, DYNAMIC_TYPE_PKCS); XFREE(attrib->oid, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
XFREE(attrib, pkcs7->heap, DYNAMIC_TYPE_PKCS); XFREE(attrib, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return ASN_PARSE_E; return ASN_PARSE_E;
} }
attrib->valueSz = (word32)length; attrib->valueSz = (word32)length;
attrib->value = (byte*)XMALLOC(attrib->valueSz, pkcs7->heap, attrib->value = (byte*)XMALLOC(attrib->valueSz, pkcs7->heap,
DYNAMIC_TYPE_PKCS); DYNAMIC_TYPE_PKCS7);
if (attrib->value == NULL) { if (attrib->value == NULL) {
XFREE(attrib->oid, pkcs7->heap, DYNAMIC_TYPE_PKCS); XFREE(attrib->oid, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
XFREE(attrib, pkcs7->heap, DYNAMIC_TYPE_PKCS); XFREE(attrib, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return MEMORY_E; return MEMORY_E;
} }
XMEMCPY(attrib->value, pkiMsg + idx, attrib->valueSz); XMEMCPY(attrib->value, pkiMsg + idx, attrib->valueSz);