Em 11-04-2014 06:51, Fuchs, Andreas escreveu: > Disclaimer: > I could not complie-test or runtime-test these patches right now. This is a > pure code-only review of the patches. > > The patch is not correct. The free may only be performed in case of result == > TSS2_SUCCESS. The current version has a potential double-free. In case of > error, RPC_ExecuteTransport_TP will falsely free this memory. > > This needs to be fixed inside RPC_ExecuteTransport_TP then this patch would > be correct, but a bunch of other places would probably need to be adjusted as > well. > > This is going to be a major rewrite I fear... You're absolutely right. In fact, the dynamics of the Transport_TerminateHandle are very weird. One of the functions called by obj_context_transport_execute already does memory allocation (and doesn't free the memory coming from the former).
I'll take some more time to think about this one. > Am Mittwoch, den 09.04.2014, 15:41 -0300 schrieb [email protected]: >> From: Richard Maciel <[email protected]> >> >> Related to coverity CID 10307. >> >> Pointer handles got memory allocated for it, but that memory is never >> freed at the end of the function. >> >> Signed-off-by: Richard Maciel <[email protected]> >> --- >> src/tspi/tsp_auth.c | 2 ++ >> 1 file changed, 2 insertions(+) >> >> diff --git a/src/tspi/tsp_auth.c b/src/tspi/tsp_auth.c >> index 5ee6f5d..f11fa60 100755 >> --- a/src/tspi/tsp_auth.c >> +++ b/src/tspi/tsp_auth.c >> @@ -1225,6 +1225,8 @@ Transport_TerminateHandle(TSS_HCONTEXT tspContext, /* >> in */ >> result = obj_context_transport_execute(tspContext, >> TPM_ORD_Terminate_Handle, 0, NULL, >> NULL, &handlesLen, &handles, >> NULL, NULL, NULL, NULL); >> >> + free(handles); >> + >> return result; >> } >> #endif ------------------------------------------------------------------------------ Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test & Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees _______________________________________________ TrouSerS-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-tech
