The branch, master has been updated
via b57c778 rpc_server: Coverity fix for CID 1273079
from b542d1c build:wafsamba: fix a typo
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit b57c77849af968e7a89df40d05b2e3ef7cef42c1
Author: Rajesh Joseph <[email protected]>
Date: Tue Mar 31 18:58:54 2015 +0530
rpc_server: Coverity fix for CID 1273079
leaked_storage: Variable pk going out of scope leaks the storage it points
to.
On failure get_pk_from_raw_keypair_params function should free up
the private key (pk) it allocates internally.
Signed-off-by: Rajesh Joseph <[email protected]>
Reviewed-by: Guenther Deschner <[email protected]>
Reviewed-by: Ira Cooper <[email protected]>
Autobuild-User(master): Günther Deschner <[email protected]>
Autobuild-Date(master): Thu Apr 2 19:38:22 CEST 2015 on sn-devel-104
-----------------------------------------------------------------------
Summary of changes:
source4/rpc_server/backupkey/dcesrv_backupkey.c | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey.c
b/source4/rpc_server/backupkey/dcesrv_backupkey.c
index b3b7074..3edd1b6 100644
--- a/source4/rpc_server/backupkey/dcesrv_backupkey.c
+++ b/source4/rpc_server/backupkey/dcesrv_backupkey.c
@@ -306,6 +306,7 @@ static NTSTATUS get_pk_from_raw_keypair_params(TALLOC_CTX
*ctx,
hx509_context hctx;
RSA *rsa;
struct hx509_private_key_ops *ops;
+ hx509_private_key privkey = NULL;
hx509_context_init(&hctx);
ops =
hx509_find_private_alg(&_hx509_signature_rsa_with_var_num.algorithm);
@@ -314,13 +315,14 @@ static NTSTATUS get_pk_from_raw_keypair_params(TALLOC_CTX
*ctx,
return NT_STATUS_INTERNAL_ERROR;
}
- if (hx509_private_key_init(pk, ops, NULL) != 0) {
+ if (hx509_private_key_init(&privkey, ops, NULL) != 0) {
hx509_context_free(&hctx);
return NT_STATUS_NO_MEMORY;
}
rsa = RSA_new();
if (rsa ==NULL) {
+ hx509_private_key_free(&privkey);
hx509_context_free(&hctx);
return NT_STATUS_INVALID_PARAMETER;
}
@@ -328,52 +330,62 @@ static NTSTATUS get_pk_from_raw_keypair_params(TALLOC_CTX
*ctx,
rsa->n = reverse_and_get_bignum(ctx, &(keypair->modulus));
if (rsa->n == NULL) {
RSA_free(rsa);
+ hx509_private_key_free(&privkey);
hx509_context_free(&hctx);
return NT_STATUS_INVALID_PARAMETER;
}
rsa->d = reverse_and_get_bignum(ctx, &(keypair->private_exponent));
if (rsa->d == NULL) {
RSA_free(rsa);
+ hx509_private_key_free(&privkey);
hx509_context_free(&hctx);
return NT_STATUS_INVALID_PARAMETER;
}
rsa->p = reverse_and_get_bignum(ctx, &(keypair->prime1));
if (rsa->p == NULL) {
RSA_free(rsa);
+ hx509_private_key_free(&privkey);
hx509_context_free(&hctx);
return NT_STATUS_INVALID_PARAMETER;
}
rsa->q = reverse_and_get_bignum(ctx, &(keypair->prime2));
if (rsa->q == NULL) {
RSA_free(rsa);
+ hx509_private_key_free(&privkey);
hx509_context_free(&hctx);
return NT_STATUS_INVALID_PARAMETER;
}
rsa->dmp1 = reverse_and_get_bignum(ctx, &(keypair->exponent1));
if (rsa->dmp1 == NULL) {
RSA_free(rsa);
+ hx509_private_key_free(&privkey);
hx509_context_free(&hctx);
return NT_STATUS_INVALID_PARAMETER;
}
rsa->dmq1 = reverse_and_get_bignum(ctx, &(keypair->exponent2));
if (rsa->dmq1 == NULL) {
RSA_free(rsa);
+ hx509_private_key_free(&privkey);
hx509_context_free(&hctx);
return NT_STATUS_INVALID_PARAMETER;
}
rsa->iqmp = reverse_and_get_bignum(ctx, &(keypair->coefficient));
if (rsa->iqmp == NULL) {
RSA_free(rsa);
+ hx509_private_key_free(&privkey);
hx509_context_free(&hctx);
return NT_STATUS_INVALID_PARAMETER;
}
rsa->e = reverse_and_get_bignum(ctx, &(keypair->public_exponent));
if (rsa->e == NULL) {
RSA_free(rsa);
+ hx509_private_key_free(&privkey);
hx509_context_free(&hctx);
return NT_STATUS_INVALID_PARAMETER;
}
+ *pk = privkey;
+
hx509_private_key_assign_rsa(*pk, rsa);
hx509_context_free(&hctx);
--
Samba Shared Repository
