LibreSSL memory leak fix

2014-06-04 Thread Loganaden Velvindron
Hi All,

From OpenSSL RT:
http://rt.openssl.org/Ticket/Display.html?id=3278&user=guest&pass=guest

len can be 0 as well, in which case memory isn't freed.


Patch from Frantisek Boranek:

Index: lib/libssl/src/crypto/pkcs12/p12_kiss.c
===
RCS file: /cvs/src/lib/libssl/src/crypto/pkcs12/p12_kiss.c,v
retrieving revision 1.12
diff -u -p -u -p -r1.12 p12_kiss.c
--- lib/libssl/src/crypto/pkcs12/p12_kiss.c 17 Apr 2014 13:37:49 -  
1.12
+++ lib/libssl/src/crypto/pkcs12/p12_kiss.c 4 Jun 2014 09:08:37 -
@@ -269,7 +269,7 @@ static int parse_bag(PKCS12_SAFEBAG *bag
int len, r;
unsigned char *data;
len = ASN1_STRING_to_UTF8(data, fname);
-   if(len  0) {
+   if(len = 0) {
r = X509_alias_set1(x509, data, len);
free(data);
if (!r)
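Review bot: with the test widened to admit zero, `X509_alias_set1(x509, data, len)` is now also called with a `len` of 0, so an empty name sets an empty alias instead of being skipped. If that is not intended, keep the alias call under the positive-length test and free `data` on its own for the zero case. Also, `unsigned char *data;` has no initializer, so `free(data)` must stay reachable only when the conversion reported success, as it does here.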



Re: LibreSSL memory leak fix

2014-06-04 Thread Miod Vallat
> Hi All,
>
> From OpenSSL RT:
> http://rt.openssl.org/Ticket/Display.html?id=3278&user=guest&pass=guest
>
> len can be 0 as well, in which case memory isn't freed.

Correct. If successful, data is actually a malloc(len + 1), thus if
len == 0, we leak a \0 byte...

> Patch from Frantisek Boranek:
 
 Index: lib/libssl/src/crypto/pkcs12/p12_kiss.c
 ===
 RCS file: /cvs/src/lib/libssl/src/crypto/pkcs12/p12_kiss.c,v
 retrieving revision 1.12
 diff -u -p -u -p -r1.12 p12_kiss.c
 --- lib/libssl/src/crypto/pkcs12/p12_kiss.c   17 Apr 2014 13:37:49 -  
 1.12
 +++ lib/libssl/src/crypto/pkcs12/p12_kiss.c   4 Jun 2014 09:08:37 -
 @@ -269,7 +269,7 @@ static int parse_bag(PKCS12_SAFEBAG *bag
   int len, r;
   unsigned char *data;
   len = ASN1_STRING_to_UTF8(data, fname);
 - if(len  0) {
 + if(len = 0) {
   r = X509_alias_set1(x509, data, len);
   free(data);
   if (!r)
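The one-byte leak described in the reply above, as an added example that is not code from the thread or from LibreSSL: `to_utf8_stub`, `leaked_after` and the allocation counter are hypothetical stand-ins that model only the return-value and allocation contract stated in that reply.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for the contract described in the reply above:
 * success returns len >= 0 with *out = malloc(len + 1); failure returns -1
 * and allocates nothing. Hypothetical helper, not the LibreSSL function. */
static int live_allocs;	/* outstanding buffers, makes the leak observable */

static int to_utf8_stub(unsigned char **out, const char *in)
{
	size_t n;

	if (in == NULL)
		return -1;
	n = strlen(in);
	if ((*out = malloc(n + 1)) == NULL)
		return -1;
	memcpy(*out, in, n + 1);
	live_allocs++;
	return (int)n;
}

/* Caller shaped like the patched site. strict != 0 uses the old "len > 0"
 * test, strict == 0 the new "len >= 0" test. Returns buffers left unfreed. */
static int leaked_after(const char *name, int strict)
{
	unsigned char *data = NULL;
	int len, leaked;

	live_allocs = 0;
	len = to_utf8_stub(&data, name);
	if (strict ? len > 0 : len >= 0) {
		/* the real caller stores the alias here before freeing */
		free(data);
		live_allocs--;
	}
	leaked = live_allocs;
	if (leaked)		/* tidy up so the demo itself stays clean */
		free(data);
	return leaked;
}

int main(void)
{
	const char *names[] = { "", "alias", NULL };	/* constructed inputs */

	for (int i = 0; i < 3; i++)
		printf("%-7s old=%d new=%d\n", names[i] ? names[i] : "(err)",
		    leaked_after(names[i], 1), leaked_after(names[i], 0));
	return 0;
}
```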
 



Re: LibreSSL memory leak fix

2014-06-03 Thread deoxyt2

I think that is:

#include <cryptlib.h>

and not

#include "cryptlib.h"


--- bss_dgram.c-bk  Tue Jun  3 13:11:18 2014
+++ bss_dgram.c Tue Jun  3 17:32:09 2014
@@ -61,7 +61,7 @@
 #include stdio.h
 #include errno.h
 #include unistd.h
-#include cryptlib.h
+#include cryptlib.h
 #include openssl/bio.h
 #include netdb.h
 #include sys/socket.h
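Review bot: the `-` and `+` lines for `cryptlib.h` are identical as displayed, so the include delimiters that distinguish them are not visible in the hunk. Spell out in the description which form is proposed and why the header would be found on that search path. The diff is also taken against a local backup (`bss_dgram.c-bk`) with no directory component; a diff from the tree root against the repository revision is easier to apply.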



Re: LibreSSL memory leak fix

2014-06-03 Thread Philip Guenther
On Tue, Jun 3, 2014 at 2:56 PM, deoxyt2 deox...@lacamaradegas.cl wrote:

> I think that is:
>
> #include <cryptlib.h>
>
> and not
>
> #include "cryptlib.h"


No.  cryptlib.h isn't installed under /usr/include


Philip Guenther


LibreSSL memory leak fix

2014-06-02 Thread Loganaden Velvindron
Hi All,

From Martin Brejcha:



Index: src/lib/libssl/src/crypto/bio/bss_dgram.c
===
RCS file: /cvs/src/lib/libssl/src/crypto/bio/bss_dgram.c,v
retrieving revision 1.25
diff -u -p -u -p -r1.25 bss_dgram.c
--- src/lib/libssl/src/crypto/bio/bss_dgram.c   27 Apr 2014 20:26:48 -  
1.25
+++ src/lib/libssl/src/crypto/bio/bss_dgram.c   2 Jun 2014 07:20:34 -
@@ -1224,6 +1224,7 @@ dgram_sctp_ctrl(BIO *b, int cmd, long nu
memcpy(authkey-sca_key[0], ptr, 64 * sizeof(uint8_t));
 
ret = setsockopt(b-num, IPPROTO_SCTP, SCTP_AUTH_KEY, authkey, 
sockopt_len);
+   free(authkey);
if (ret  0)
break;
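Review bot: the added `free(authkey)` releases a buffer that still holds the 64 bytes of key material copied in by the `memcpy` above. Clear it before freeing, for example with `OPENSSL_cleanse(authkey, sockopt_len)`, so the SCTP auth key does not linger in freed heap memory. Placing the free ahead of the `ret` check is right, since it covers both the success path and the `break`.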
 



Re: LibreSSL memory leak fix

2014-06-02 Thread Miod Vallat
ok. Note this codepath is not compiled under OpenBSD.

 Index: src/lib/libssl/src/crypto/bio/bss_dgram.c
 ===
 RCS file: /cvs/src/lib/libssl/src/crypto/bio/bss_dgram.c,v
 retrieving revision 1.25
 diff -u -p -u -p -r1.25 bss_dgram.c
 --- src/lib/libssl/src/crypto/bio/bss_dgram.c 27 Apr 2014 20:26:48 -  
 1.25
 +++ src/lib/libssl/src/crypto/bio/bss_dgram.c 2 Jun 2014 07:20:34 -
 @@ -1224,6 +1224,7 @@ dgram_sctp_ctrl(BIO *b, int cmd, long nu
   memcpy(authkey-sca_key[0], ptr, 64 * sizeof(uint8_t));
  
   ret = setsockopt(b-num, IPPROTO_SCTP, SCTP_AUTH_KEY, authkey, 
 sockopt_len);
 + free(authkey);
   if (ret  0)
   break;
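Review bot: `free(authkey)` now sits between the `setsockopt` call and the test of `ret`, and `free` is not guaranteed to leave `errno` untouched. If anything after the `break` reports `errno` from the failed `setsockopt`, save it before the free and restore it afterwards.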