LibreSSL memory leak fix
Hi All, From OpenSSL RT: http://rt.openssl.org/Ticket/Display.html?id=3278user=guestpass=guest len can be 0 as well, and in which case, memory isn't freed. Patch from Frantisek Boranek: Index: lib/libssl/src/crypto/pkcs12/p12_kiss.c === RCS file: /cvs/src/lib/libssl/src/crypto/pkcs12/p12_kiss.c,v retrieving revision 1.12 diff -u -p -u -p -r1.12 p12_kiss.c --- lib/libssl/src/crypto/pkcs12/p12_kiss.c 17 Apr 2014 13:37:49 - 1.12 +++ lib/libssl/src/crypto/pkcs12/p12_kiss.c 4 Jun 2014 09:08:37 - @@ -269,7 +269,7 @@ static int parse_bag(PKCS12_SAFEBAG *bag int len, r; unsigned char *data; len = ASN1_STRING_to_UTF8(data, fname); - if(len 0) { + if(len = 0) { r = X509_alias_set1(x509, data, len); free(data); if (!r)
Re: LibreSSL memory leak fix
Hi All, From OpenSSL RT: http://rt.openssl.org/Ticket/Display.html?id=3278user=guestpass=guest len can be 0 as well, and in which case, memory isn't freed. Correct. If successful, data is actually a malloc(len + 1), thus if len == 0, we leak a \0 byte... Patch from Frantisek Boranek: Index: lib/libssl/src/crypto/pkcs12/p12_kiss.c === RCS file: /cvs/src/lib/libssl/src/crypto/pkcs12/p12_kiss.c,v retrieving revision 1.12 diff -u -p -u -p -r1.12 p12_kiss.c --- lib/libssl/src/crypto/pkcs12/p12_kiss.c 17 Apr 2014 13:37:49 - 1.12 +++ lib/libssl/src/crypto/pkcs12/p12_kiss.c 4 Jun 2014 09:08:37 - @@ -269,7 +269,7 @@ static int parse_bag(PKCS12_SAFEBAG *bag int len, r; unsigned char *data; len = ASN1_STRING_to_UTF8(data, fname); - if(len 0) { + if(len = 0) { r = X509_alias_set1(x509, data, len); free(data); if (!r)
Re: LibreSSL memory leak fix
I think that is: #include cryptlib.h and not #include cryptlib.h --- bss_dgram.c-bk Tue Jun 3 13:11:18 2014 +++ bss_dgram.c Tue Jun 3 17:32:09 2014 @@ -61,7 +61,7 @@ #include stdio.h #include errno.h #include unistd.h -#include cryptlib.h +#include cryptlib.h #include openssl/bio.h #include netdb.h #include sys/socket.h
Re: LibreSSL memory leak fix
On Tue, Jun 3, 2014 at 2:56 PM, deoxyt2 deox...@lacamaradegas.cl wrote: I think that is: #include cryptlib.h and not #include cryptlib.h No. cryptlib.h isn't installed under /usr/include Philip Guenther
LibreSSL memory leak fix
Hi All, From Martin Brejcha: Index: src/lib/libssl/src/crypto/bio/bss_dgram.c === RCS file: /cvs/src/lib/libssl/src/crypto/bio/bss_dgram.c,v retrieving revision 1.25 diff -u -p -u -p -r1.25 bss_dgram.c --- src/lib/libssl/src/crypto/bio/bss_dgram.c 27 Apr 2014 20:26:48 - 1.25 +++ src/lib/libssl/src/crypto/bio/bss_dgram.c 2 Jun 2014 07:20:34 - @@ -1224,6 +1224,7 @@ dgram_sctp_ctrl(BIO *b, int cmd, long nu memcpy(authkey-sca_key[0], ptr, 64 * sizeof(uint8_t)); ret = setsockopt(b-num, IPPROTO_SCTP, SCTP_AUTH_KEY, authkey, sockopt_len); + free(authkey); if (ret 0) break;
Re: LibreSSL memory leak fix
ok. Note this codepath is not compiled under OpenBSD. Index: src/lib/libssl/src/crypto/bio/bss_dgram.c === RCS file: /cvs/src/lib/libssl/src/crypto/bio/bss_dgram.c,v retrieving revision 1.25 diff -u -p -u -p -r1.25 bss_dgram.c --- src/lib/libssl/src/crypto/bio/bss_dgram.c 27 Apr 2014 20:26:48 - 1.25 +++ src/lib/libssl/src/crypto/bio/bss_dgram.c 2 Jun 2014 07:20:34 - @@ -1224,6 +1224,7 @@ dgram_sctp_ctrl(BIO *b, int cmd, long nu memcpy(authkey-sca_key[0], ptr, 64 * sizeof(uint8_t)); ret = setsockopt(b-num, IPPROTO_SCTP, SCTP_AUTH_KEY, authkey, sockopt_len); + free(authkey); if (ret 0) break;