Hi,

Attached are some patches I have been able to create for OpenSSL beta2.

The patches have been generated using automated tests from running Coccinelle (http://www.emn.fr/x-info/coccinelle/) on the OpenSSL codebase. They have all been confirmed manually by source inspection. The patches are described below:

notnull.patch
NULL tests on already tested values are removed with this patch, as well as redundant NULL checks. For instance, if a pointer is checked for NULL, and afterwards an error occurs, and execution moves to an error label, there are several cases where the pointer again is checked for NULL, which could never occur in the given code path. Also I have found a couple of repeated code lines, where the redundant lines are removed with this patch.

openssl_malloc.patch
This tests for cases where a pointer is not freed upon returning of the function, and especially before jumping to an err label (since this is so widely used in OpenSSL). A call to OPENSSL_free() is inserted before returning, to prevent leaks.

unused.patch
Removes unused variables, or variables that are only assigned to.

use_after_free.patch
Rearranges calls to free() and OPENSSL_free() so that pointers are not freed until after their last usage.

badzero.patch
To improve code readability, it seems better not to compare a pointer-typed value to 0. This patch changes types of (pointertype == 0) to (pointertype == NULL), and with != as well. This is of course a matter of taste, but it seems like the majority of pointer comparisons are done with NULL instead of 0 in the code after all.

Besides, in demos/engines/ibmca/hw_ibmca.c there is an unsigned int called ret, which is checked for a sub-zero value in line 888 (declaration in line 878). I guess this should be a signed variable, or the check should be removed?

What are the rules for using OPENSSL_malloc and OPENSSL_free instead of the normal malloc/free? I could not find this anywhere in the documentation.

Best regards,
Sune Rievers
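The leak-before-err-label pattern that openssl_malloc.patch targets, as an added example that is not taken from the message, its attachments or the OpenSSL source. demo_malloc, demo_free, sweep_leak, dup_leaky, dup_fixed and leaked_after are hypothetical names, and the empty-input check is a constructed failure condition.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical single-slot tracker standing in for OPENSSL_malloc/OPENSSL_free. */
static void *live;
void *demo_malloc(size_t n) { return live = malloc(n); }
void demo_free(void *p) {
    if (p == live)
        live = NULL;
    free(p);
}
/* Report whether an allocation is still live, releasing it so the demo is clean. */
int sweep_leak(void) {
    int n = (live != NULL);
    free(live);
    live = NULL;
    return n;
}
/* Before: buf is still allocated when the empty-input check jumps to err. */
int dup_leaky(const char *in, char **out) {
    char *buf = demo_malloc(strlen(in) + 1);
    if (buf == NULL) goto err;
    if (in[0] == '\0') goto err;   /* constructed failure condition */
    strcpy(buf, in);
    *out = buf;
    return 1;
err:
    return 0;
}

/* After: the err label frees buf; freeing NULL is a no-op, so no extra NULL test. */
int dup_fixed(const char *in, char **out) {
    char *buf = demo_malloc(strlen(in) + 1);
    if (buf == NULL) goto err;
    if (in[0] == '\0') goto err;
    strcpy(buf, in);
    *out = buf;
    return 1;
err:
    demo_free(buf);
    return 0;
}
/* Run one variant, free a successful result as the caller would, count leaks. */
int leaked_after(int (*fn)(const char *, char **), const char *in) {
    char *out = NULL;
    if (fn(in, &out)) demo_free(out);
    return sweep_leak();
}
/* Exit status 0: the fixed variant leaves nothing allocated on the error path. */
int main(void) { return leaked_after(dup_fixed, ""); }
```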
