Hi,
I was looking at aikgen.c implementation, and I found that that idreq
buffer is being created even without idreq option, it seems to be leading
to memory leaks. I have created a patch to address it.
Thanks and Regards
Avesh
diff -urNp strongswan-5.2.0dr4/src/aikgen/aikgen.c strongswan-5.2.0dr4-patch/src/aikgen/aikgen.c
--- strongswan-5.2.0dr4/src/aikgen/aikgen.c 2014-05-23 15:27:25.373081232 -0400
+++ strongswan-5.2.0dr4-patch/src/aikgen/aikgen.c 2014-05-23 15:27:11.517090881 -0400
@@ -465,12 +465,12 @@ int main(int argc, char *argv[])
{
exit_aikgen("tss 0x%x on Tspi_TPM_CollateIdentityRequest", result);
}
- identity_req = chunk_create(IdentityReq, IdentityReqLen);
- DBG3(DBG_LIB, "Identity Request: %B", &identity_req);
/* optionally output identity request encrypted with ca public key */
if (idreq_filename)
{
+ identity_req = chunk_create(IdentityReq, IdentityReqLen);
+ DBG3(DBG_LIB, "Identity Request: %B", &identity_req);
if (!chunk_write(identity_req, idreq_filename, 0022, force))
{
exit_aikgen("could not write AIK identity request file '%s': %s",
_______________________________________________
Dev mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/dev
