Hello, The patch below fixes several resource leaks in trousers.
Signed-off-by: Steve Grubb <[email protected]> diff -urp trousers-0.3.9.orig/src/tcs/tcs_aik.c trousers-0.3.9/src/tcs/tcs_aik.c --- trousers-0.3.9.orig/src/tcs/tcs_aik.c 2011-05-04 10:33:11.000000000 -0400 +++ trousers-0.3.9/src/tcs/tcs_aik.c 2012-06-22 11:53:07.501720558 -0400 @@ -114,6 +114,7 @@ get_credential(UINT32 type, UINT32 *size if ((rc = fstat(fd, &stat_buf)) == -1) { LogError("Error stating credential: %s: %s", path, strerror(errno)); + close(fd); goto done; } diff -urp trousers-0.3.9.orig/src/tcs/tcs_evlog_biosem.c trousers-0.3.9/src/tcs/tcs_evlog_biosem.c --- trousers-0.3.9.orig/src/tcs/tcs_evlog_biosem.c 2011-05-04 10:33:11.000000000 -0400 +++ trousers-0.3.9/src/tcs/tcs_evlog_biosem.c 2012-06-22 12:02:59.190735091 -0400 @@ -125,7 +125,7 @@ bios_get_entries_by_pcr(FILE *handle, UI event->eventDataSize, 1, handle)) <= 0) { LogError("read from event source failed: %s", strerror(errno)); - return result; + goto free_list; } } else { cur->event.rgbEvent = NULL; diff -urp trousers-0.3.9.orig/src/tcs/tcs_evlog_imaem.c trousers-0.3.9/src/tcs/tcs_evlog_imaem.c --- trousers-0.3.9.orig/src/tcs/tcs_evlog_imaem.c 2011-05-04 10:33:11.000000000 -0400 +++ trousers-0.3.9/src/tcs/tcs_evlog_imaem.c 2012-06-22 12:06:57.078740934 -0400 @@ -80,14 +80,19 @@ ima_get_entries_by_pcr(FILE *handle, UIN char page[IMA_READ_SIZE]; int error_path = 1, ptr = 0; UINT32 copied_events = 0, i; - struct event_wrapper *list = calloc(1, sizeof(struct event_wrapper)); + struct event_wrapper *list; struct event_wrapper *cur = list; TSS_RESULT result = TCSERR(TSS_E_INTERNAL_ERROR); FILE *fp = (FILE *) handle; uint len; char name[255]; - if (list == NULL) { + if (!fp) { + perror("unable to open file\n"); + return 1; + } + + if ((list = calloc(1, sizeof(struct event_wrapper))) == NULL) { LogError("malloc of %zd bytes failed.", sizeof(struct event_wrapper)); return TCSERR(TSS_E_OUTOFMEMORY); } @@ -97,10 +102,6 @@ ima_get_entries_by_pcr(FILE *handle, UIN goto free_list; } - if (!fp) { - perror("unable to open file\n"); - return 1; - } rewind(fp); while (fread(page, 24, 1, fp)) { diff -urp trousers-0.3.9.orig/src/tcsd/tcsd_conf.c trousers-0.3.9/src/tcsd/tcsd_conf.c --- trousers-0.3.9.orig/src/tcsd/tcsd_conf.c 2011-07-06 12:24:21.000000000 -0400 +++ trousers-0.3.9/src/tcsd/tcsd_conf.c 2012-06-22 11:46:38.155710997 -0400 @@ -107,6 +107,7 @@ platform_class_list_append(struct tcsd_c new_class->classURI = malloc(new_class->classURISize); if (new_class->classURI == NULL) { LogError("malloc of %u bytes failed", new_class->classURISize); + free(new_class); return TCSERR(TSS_E_OUTOFMEMORY); } memcpy(new_class->classURI, tcg_platform_specs[i].specURI, diff -urp trousers-0.3.9.orig/src/trspi/trousers.c trousers-0.3.9/src/trspi/trousers.c --- trousers-0.3.9.orig/src/trspi/trousers.c 2012-05-30 11:10:51.000000000 -0400 +++ trousers-0.3.9/src/trspi/trousers.c 2012-06-22 11:58:35.456728614 -0400 @@ -1624,6 +1624,7 @@ Trspi_UNICODE_To_Native(BYTE *string, un if ((tmplen = hacky_strlen("UTF-16", string)) == 0) { LogDebug("hacky_strlen returned 0"); + iconv_close(cd); return 0; } diff -urp trousers-0.3.9.orig/src/tspi/ssl_ui.c trousers-0.3.9/src/tspi/ssl_ui.c --- trousers-0.3.9.orig/src/tspi/ssl_ui.c 2012-01-03 17:15:43.000000000 -0500 +++ trousers-0.3.9/src/tspi/ssl_ui.c 2012-06-22 11:45:34.450709434 -0400 @@ -51,6 +51,7 @@ static TSS_RESULT do_ui(BYTE *string, UI unicode = Trspi_Native_To_UNICODE((BYTE *)pin_buf, string_len); memset(string, 0, UI_MAX_SECRET_STRING_LENGTH); memcpy(string, unicode, *string_len); + free(unicode); out: UI_free(ui); no_ui: diff -urp trousers-0.3.9.orig/src/tspi/tsp_delegate.c trousers-0.3.9/src/tspi/tsp_delegate.c --- trousers-0.3.9.orig/src/tspi/tsp_delegate.c 2011-05-04 10:33:11.000000000 -0400 +++ trousers-0.3.9/src/tspi/tsp_delegate.c 2012-06-22 11:56:22.487725352 -0400 @@ -136,6 +136,7 @@ create_owner_delegation(TSS_HTPM h if ((result = authsess_xsap_init(hContext, hTpm, hDelegation, TSS_AUTH_POLICY_NOT_REQUIRED, TPM_ORD_Delegate_CreateOwnerDelegation, TPM_ET_OWNER, &xsap))) + free(publicInfo); return result; result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1); @@ -223,6 +224,7 @@ create_key_delegation(TSS_HKEY hKe if ((result = authsess_xsap_init(hContext, hKey, hDelegation, TSS_AUTH_POLICY_REQUIRED, TPM_ORD_Delegate_CreateKeyDelegation, TPM_ET_KEYHANDLE, &xsap))) + free(publicInfo); return result; result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1); ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ TrouSerS-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-tech
