authorjsing <>2020-09-24 17:59:54 +0000
committerjsing <>2020-09-24 17:59:54 +0000
commite516f9888833076af8ba7f8c411514db2872aa94 (patch)
tree1888b2e1b6ea589c37d114a98388a3b495d52958 /src/lib
parent8fb9c3782c59e736c9e09323162af3af8028e693 (diff)
Release read and write buffers using freezero().
Provide a ssl3_release_buffer() function that correctly frees a buffer and call it from the appropriate locations. While here also change ssl3_release_{read,write}_buffer() to void since they cannot fail and no callers check the return value currently. ok beck@ inoguchi@ tb@
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libssl/d1_lib.c8
-rw-r--r--src/lib/libssl/d1_pkt.c6
-rw-r--r--src/lib/libssl/ssl_both.c26
-rw-r--r--src/lib/libssl/ssl_locl.h7
4 files changed, 26 insertions, 21 deletions
diff --git a/src/lib/libssl/d1_lib.c b/src/lib/libssl/d1_lib.c
index 1f818307d1..758f5195e6 100644
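--- a/src/lib/libssl/d1_lib.c
+++ b/src/lib/libssl/d1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_lib.c,v 1.46 2020/07/07 19:31:11 jsing Exp $ */
+/* $OpenBSD: d1_lib.c,v 1.47 2020/09/24 17:59:54 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -132,14 +132,14 @@ dtls1_clear_queues(SSL *s)
 
  while ((item = pqueue_pop(D1I(s)->unprocessed_rcds.q)) != NULL) {
  rdata = (DTLS1_RECORD_DATA_INTERNAL *) item->data;
- free(rdata->rbuf.buf);
+ ssl3_release_buffer(&rdata->rbuf);
  free(item->data);
  pitem_free(item);
  }
 
  while ((item = pqueue_pop(D1I(s)->processed_rcds.q)) != NULL) {
  rdata = (DTLS1_RECORD_DATA_INTERNAL *) item->data;
- free(rdata->rbuf.buf);
+ ssl3_release_buffer(&rdata->rbuf);
  free(item->data);
  pitem_free(item);
  }
@@ -160,7 +160,7 @@ dtls1_clear_queues(SSL *s)
 
  while ((item = pqueue_pop(D1I(s)->buffered_app_data.q)) != NULL) {
  rdata = (DTLS1_RECORD_DATA_INTERNAL *) item->data;
- free(rdata->rbuf.buf);
+ ssl3_release_buffer(&rdata->rbuf);
  free(item->data);
  pitem_free(item);
  }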
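Review bot: The three `while ((item = pqueue_pop(...)) != NULL)` loops in dtls1_clear_queues() that this change touches are identical apart from the queue they drain, which is why the same one-line replacement had to be made three times. A small static helper taking the queue would keep record-buffer cleanup in one place, so a later change to how buffered records are cleared cannot miss one of the queues. Each loop then becomes a single call such as `dtls1_drain_records(D1I(s)->unprocessed_rcds.q);` (the helper name is only a suggestion). dtls1_clear_queues() begins and ends outside these hunks and the code between the second and third loop is not visible, so this covers only the three loops shown.

```c
/* Suggested helper: pop every buffered record, clear and free its buffer. */
static void
dtls1_drain_records(pqueue q)
{
	DTLS1_RECORD_DATA_INTERNAL *rdata;
	pitem *item;

	while ((item = pqueue_pop(q)) != NULL) {
		rdata = (DTLS1_RECORD_DATA_INTERNAL *)item->data;
		ssl3_release_buffer(&rdata->rbuf);
		free(item->data);
		pitem_free(item);
	}
}

/* … unchanged: start of dtls1_clear_queues() … */
	dtls1_drain_records(D1I(s)->unprocessed_rcds.q);
	dtls1_drain_records(D1I(s)->processed_rcds.q);
/* … unchanged: code between the second and third loop … */
	dtls1_drain_records(D1I(s)->buffered_app_data.q);
```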
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 748ff988da..31ea52fcae 100644
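--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.81 2020/08/30 15:40:19 jsing Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.82 2020/09/24 17:59:54 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -200,7 +200,7 @@ dtls1_copy_record(SSL *s, pitem *item)
 
  rdata = (DTLS1_RECORD_DATA_INTERNAL *)item->data;
 
- free(S3I(s)->rbuf.buf);
+ ssl3_release_buffer(&S3I(s)->rbuf);
 
  s->internal->packet = rdata->packet;
  s->internal->packet_length = rdata->packet_length;
@@ -251,7 +251,7 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
  return (1);
 
 err:
- free(rdata->rbuf.buf);
+ ssl3_release_buffer(&rdata->rbuf);
 
 init_err:
  SSLerror(s, ERR_R_INTERNAL_ERROR);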
diff --git a/src/lib/libssl/ssl_both.c b/src/lib/libssl/ssl_both.c
index 488a5ff7c9..dff44ecd41 100644
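--- a/src/lib/libssl/ssl_both.c
+++ b/src/lib/libssl/ssl_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_both.c,v 1.18 2020/05/19 16:35:20 jsing Exp $ */
+/* $OpenBSD: ssl_both.c,v 1.19 2020/09/24 17:59:54 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -708,7 +708,7 @@ ssl3_setup_read_buffer(SSL *s)
  S3I(s)->rbuf.len = len;
  }
 
- s->internal->packet = &(S3I(s)->rbuf.buf[0]);
+ s->internal->packet = S3I(s)->rbuf.buf;
  return 1;
 
 err:
@@ -759,18 +759,22 @@ ssl3_setup_buffers(SSL *s)
  return 1;
 }
 
-int
-ssl3_release_write_buffer(SSL *s)
+void
+ssl3_release_buffer(SSL3_BUFFER_INTERNAL *b)
 {
- free(S3I(s)->wbuf.buf);
- S3I(s)->wbuf.buf = NULL;
- return 1;
+ freezero(b->buf, b->len);
+ b->buf = NULL;
+ b->len = 0;
 }
 
-int
+void
 ssl3_release_read_buffer(SSL *s)
 {
- free(S3I(s)->rbuf.buf);
- S3I(s)->rbuf.buf = NULL;
- return 1;
+ ssl3_release_buffer(&S3I(s)->rbuf);
+}
+
+void
+ssl3_release_write_buffer(SSL *s)
+{
+ ssl3_release_buffer(&S3I(s)->wbuf);
 }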
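Review bot: The new ssl3_release_buffer() depends on an invariant that nothing in this hunk states: `b->len` has to be the size `b->buf` was allocated with, because freezero() clears exactly that many bytes before freeing. A stale or zero `len` on a live buffer would leave record data uncleared, and a `len` larger than the allocation is not a valid argument to freezero(). The DTLS callers in d1_lib.c and d1_pkt.c pass `rdata->rbuf` structures that are filled in outside this diff, so it is worth confirming that `len` always travels with `buf` there. I would add a comment above the function, for example `/* Clears and frees b->buf; b->len must be the allocated size of b->buf. */`.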
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index a3b8a80572..d4ba7f66d4 100644
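--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.293 2020/09/17 15:23:29 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.294 2020/09/24 17:59:54 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1223,8 +1223,9 @@ int ssl3_setup_buffers(SSL *s);
 int ssl3_setup_init_buffer(SSL *s);
 int ssl3_setup_read_buffer(SSL *s);
 int ssl3_setup_write_buffer(SSL *s);
-int ssl3_release_read_buffer(SSL *s);
-int ssl3_release_write_buffer(SSL *s);
+void ssl3_release_buffer(SSL3_BUFFER_INTERNAL *b);
+void ssl3_release_read_buffer(SSL *s);
+void ssl3_release_write_buffer(SSL *s);
 int ssl3_new(SSL *s);
 void ssl3_free(SSL *s);
 int ssl3_accept(SSL *s);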