I ran make which regenerated the objects, thanks for pointing that
out, I attached an updated patch without the change.
---
Kurt Cancemi
https://www.x64architecture.com
On Thu, Aug 28, 2014 at 12:41 PM, Kurt Roeckx <k...@roeckx.be> wrote:
> On Thu, Aug 28, 2014 at 03:11:14PM +0200, Kurt Cancemi via RT wrote:
>> The attached updated patch fixes a style error.
>
> I still have a bunch of other patches like this to go thru, but
> did a quick look at this, and at least this looks weird:
>
>> --- a/crypto/objects/obj_xref.h
>> +++ b/crypto/objects/obj_xref.h
>> @@ -54,8 +54,8 @@ static const nid_triple sigoid_srt[] =
>> static const nid_triple * const sigoid_srt_xref[] =
>> {
>> &sigoid_srt[29],
>> - &sigoid_srt[17],
>> &sigoid_srt[18],
>> + &sigoid_srt[17],
>> &sigoid_srt[0],
>> &sigoid_srt[1],
>> &sigoid_srt[7],
>
> Can you explain that?
>
>
> Kurt
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> Development Mailing List openssl-dev@openssl.org
> Automated List Manager majord...@openssl.org
From e5ec6311b407e52e096ad0197814e77176b4c9f9 Mon Sep 17 00:00:00 2001
From: Kurt Cancemi <k...@x64architecture.com>
Date: Thu, 28 Aug 2014 13:48:39 -0400
Subject: [PATCH] Fix memory leaks.
---
crypto/asn1/x_x509a.c | 21 ++++++++++++++++-----
crypto/ec/ec_ameth.c | 1 +
crypto/ec/ec_mult.c | 1 +
crypto/ec/ecp_mont.c | 7 +++++--
crypto/pkcs7/pk7_smime.c | 1 +
crypto/x509/x509_trs.c | 2 ++
crypto/x509/x509_vfy.c | 1 +
crypto/x509v3/pcy_data.c | 4 ++++
crypto/x509v3/pcy_tree.c | 3 +++
9 files changed, 34 insertions(+), 7 deletions(-)
diff --git a/crypto/asn1/x_x509a.c b/crypto/asn1/x_x509a.c
index 03a9c45..ec3da38 100644
--- a/crypto/asn1/x_x509a.c
+++ b/crypto/asn1/x_x509a.c
@@ -159,12 +159,23 @@ int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)
{
X509_CERT_AUX *aux;
- ASN1_OBJECT *objtmp;
- if(!(objtmp = OBJ_dup(obj))) return 0;
- if(!(aux = aux_get(x))) return 0;
- if(!aux->reject
- && !(aux->reject = sk_ASN1_OBJECT_new_null())) return 0;
+ ASN1_OBJECT *objtmp = NULL;
+ if (obj)
+ {
+ objtmp = OBJ_dup(obj);
+ if (!objtmp)
+ return 0;
+ }
+ if(!(aux = aux_get(x)))
+ goto err;
+ if(!aux->reject && !(aux->reject = sk_ASN1_OBJECT_new_null()))
+ goto err;
return sk_ASN1_OBJECT_push(aux->reject, objtmp);
+
+ err:
+ if (objtmp)
+ ASN1_OBJECT_free(objtmp);
+ return 0;
}
void X509_trust_clear(X509 *x)
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index a149bf6..15e86c4 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -387,6 +387,7 @@ static int ec_bits(const EVP_PKEY *pkey)
group = EC_KEY_get0_group(pkey->pkey.ec);
if (!EC_GROUP_get_order(group, order, NULL))
{
+ BN_free(order);
ERR_clear_error();
return 0;
}
diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
index fb693c3..3b23c5d 100644
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@@ -535,6 +535,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
if (numblocks > pre_comp->numblocks)
{
ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
+ OPENSSL_free(tmp_wNAF);
goto err;
}
totalnum = num + numblocks;
diff --git a/crypto/ec/ecp_mont.c b/crypto/ec/ecp_mont.c
index 232ae34..2735957 100644
--- a/crypto/ec/ecp_mont.c
+++ b/crypto/ec/ecp_mont.c
@@ -229,8 +229,11 @@ int ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *
}
one = BN_new();
if (one == NULL) goto err;
- if (!BN_to_montgomery(one, BN_value_one(), mont, ctx)) goto err;
-
+ if (!BN_to_montgomery(one, BN_value_one(), mont, ctx))
+ {
+ BN_free(one);
+ goto err;
+ }
group->field_data1 = mont;
mont = NULL;
group->field_data2 = one;
diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c
index a5104f8..9024ce8 100644
--- a/crypto/pkcs7/pk7_smime.c
+++ b/crypto/pkcs7/pk7_smime.c
@@ -364,6 +364,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
if (tmpin == NULL)
{
PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_MALLOC_FAILURE);
+ sk_X509_free(signers);
return 0;
}
}
diff --git a/crypto/x509/x509_trs.c b/crypto/x509/x509_trs.c
index 3d7e068..5781573 100644
--- a/crypto/x509/x509_trs.c
+++ b/crypto/x509/x509_trs.c
@@ -206,10 +206,12 @@ int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
if(idx == -1) {
if(!trtable && !(trtable = sk_X509_TRUST_new(tr_cmp))) {
X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE);
+ OPENSSL_free(trtmp);
return 0;
}
if (!sk_X509_TRUST_push(trtable, trtmp)) {
X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE);
+ OPENSSL_free(trtmp);
return 0;
}
}
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 85aa113..ae4fff9 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -353,6 +353,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
x = xtmp;
if (!sk_X509_push(ctx->chain,x))
{
+ sk_X509_free(sktmp);
X509_free(xtmp);
X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
return 0;
diff --git a/crypto/x509v3/pcy_data.c b/crypto/x509v3/pcy_data.c
index 3444b03..2bb5868 100644
--- a/crypto/x509v3/pcy_data.c
+++ b/crypto/x509v3/pcy_data.c
@@ -99,7 +99,11 @@ X509_POLICY_DATA *policy_data_new(POLICYINFO *policy,
id = NULL;
ret = OPENSSL_malloc(sizeof(X509_POLICY_DATA));
if (!ret)
+ {
+ if (id)
+ ASN1_OBJECT_free(id);
return NULL;
+ }
ret->expected_policy_set = sk_ASN1_OBJECT_new_null();
if (!ret->expected_policy_set)
{
diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c
index 47b1bf8..f8658ba 100644
--- a/crypto/x509v3/pcy_tree.c
+++ b/crypto/x509v3/pcy_tree.c
@@ -684,7 +684,10 @@ static int tree_calculate_user_set(X509_POLICY_TREE *tree,
{
tree->user_policies = sk_X509_POLICY_NODE_new_null();
if (!tree->user_policies)
+ {
+ OPENSSL_free(node);
return 1;
+ }
}
if (!sk_X509_POLICY_NODE_push(tree->user_policies, node))
return 0;
--
2.1.0
