diff options
author | jsing <> | 2020-09-24 17:59:54 +0000 |
---|---|---|
committer | jsing <> | 2020-09-24 17:59:54 +0000 |
commit | e516f9888833076af8ba7f8c411514db2872aa94 (patch) | |
tree | 1888b2e1b6ea589c37d114a98388a3b495d52958 /src/lib | |
parent | 8fb9c3782c59e736c9e09323162af3af8028e693 (diff) | |
download | openbsd-e516f9888833076af8ba7f8c411514db2872aa94.tar.gz openbsd-e516f9888833076af8ba7f8c411514db2872aa94.tar.bz2 openbsd-e516f9888833076af8ba7f8c411514db2872aa94.zip |
Release read and write buffers using freezero().
Provide a ssl3_release_buffer() function that correctly frees a buffer
and call it from the appropriate locations. While here also change
ssl3_release_{read,write}_buffer() to void since they cannot fail and
no callers check the return value currently.
ok beck@ inoguchi@ tb@
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/libssl/d1_lib.c | 8 | ||||
-rw-r--r-- | src/lib/libssl/d1_pkt.c | 6 | ||||
-rw-r--r-- | src/lib/libssl/ssl_both.c | 26 | ||||
-rw-r--r-- | src/lib/libssl/ssl_locl.h | 7 |
4 files changed, 26 insertions, 21 deletions
diff --git a/src/lib/libssl/d1_lib.c b/src/lib/libssl/d1_lib.c index 1f818307d1..758f5195e6 100644 --- a/src/lib/libssl/d1_lib.c +++ b/src/lib/libssl/d1_lib.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: d1_lib.c,v 1.46 2020/07/07 19:31:11 jsing Exp $ */ | 1 | /* $OpenBSD: d1_lib.c,v 1.47 2020/09/24 17:59:54 jsing Exp $ */ |
2 | /* | 2 | /* |
3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
@@ -132,14 +132,14 @@ dtls1_clear_queues(SSL *s) | |||
132 | 132 | ||
133 | while ((item = pqueue_pop(D1I(s)->unprocessed_rcds.q)) != NULL) { | 133 | while ((item = pqueue_pop(D1I(s)->unprocessed_rcds.q)) != NULL) { |
134 | rdata = (DTLS1_RECORD_DATA_INTERNAL *) item->data; | 134 | rdata = (DTLS1_RECORD_DATA_INTERNAL *) item->data; |
135 | free(rdata->rbuf.buf); | 135 | ssl3_release_buffer(&rdata->rbuf); |
136 | free(item->data); | 136 | free(item->data); |
137 | pitem_free(item); | 137 | pitem_free(item); |
138 | } | 138 | } |
139 | 139 | ||
140 | while ((item = pqueue_pop(D1I(s)->processed_rcds.q)) != NULL) { | 140 | while ((item = pqueue_pop(D1I(s)->processed_rcds.q)) != NULL) { |
141 | rdata = (DTLS1_RECORD_DATA_INTERNAL *) item->data; | 141 | rdata = (DTLS1_RECORD_DATA_INTERNAL *) item->data; |
142 | free(rdata->rbuf.buf); | 142 | ssl3_release_buffer(&rdata->rbuf); |
143 | free(item->data); | 143 | free(item->data); |
144 | pitem_free(item); | 144 | pitem_free(item); |
145 | } | 145 | } |
@@ -160,7 +160,7 @@ dtls1_clear_queues(SSL *s) | |||
160 | 160 | ||
161 | while ((item = pqueue_pop(D1I(s)->buffered_app_data.q)) != NULL) { | 161 | while ((item = pqueue_pop(D1I(s)->buffered_app_data.q)) != NULL) { |
162 | rdata = (DTLS1_RECORD_DATA_INTERNAL *) item->data; | 162 | rdata = (DTLS1_RECORD_DATA_INTERNAL *) item->data; |
163 | free(rdata->rbuf.buf); | 163 | ssl3_release_buffer(&rdata->rbuf); |
164 | free(item->data); | 164 | free(item->data); |
165 | pitem_free(item); | 165 | pitem_free(item); |
166 | } | 166 | } |
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c index 748ff988da..31ea52fcae 100644 --- a/src/lib/libssl/d1_pkt.c +++ b/src/lib/libssl/d1_pkt.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: d1_pkt.c,v 1.81 2020/08/30 15:40:19 jsing Exp $ */ | 1 | /* $OpenBSD: d1_pkt.c,v 1.82 2020/09/24 17:59:54 jsing Exp $ */ |
2 | /* | 2 | /* |
3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
@@ -200,7 +200,7 @@ dtls1_copy_record(SSL *s, pitem *item) | |||
200 | 200 | ||
201 | rdata = (DTLS1_RECORD_DATA_INTERNAL *)item->data; | 201 | rdata = (DTLS1_RECORD_DATA_INTERNAL *)item->data; |
202 | 202 | ||
203 | free(S3I(s)->rbuf.buf); | 203 | ssl3_release_buffer(&S3I(s)->rbuf); |
204 | 204 | ||
205 | s->internal->packet = rdata->packet; | 205 | s->internal->packet = rdata->packet; |
206 | s->internal->packet_length = rdata->packet_length; | 206 | s->internal->packet_length = rdata->packet_length; |
@@ -251,7 +251,7 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) | |||
251 | return (1); | 251 | return (1); |
252 | 252 | ||
253 | err: | 253 | err: |
254 | free(rdata->rbuf.buf); | 254 | ssl3_release_buffer(&rdata->rbuf); |
255 | 255 | ||
256 | init_err: | 256 | init_err: |
257 | SSLerror(s, ERR_R_INTERNAL_ERROR); | 257 | SSLerror(s, ERR_R_INTERNAL_ERROR); |
diff --git a/src/lib/libssl/ssl_both.c b/src/lib/libssl/ssl_both.c index 488a5ff7c9..dff44ecd41 100644 --- a/src/lib/libssl/ssl_both.c +++ b/src/lib/libssl/ssl_both.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssl_both.c,v 1.18 2020/05/19 16:35:20 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_both.c,v 1.19 2020/09/24 17:59:54 jsing Exp $ */ |
2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 | * All rights reserved. | 3 | * All rights reserved. |
4 | * | 4 | * |
@@ -708,7 +708,7 @@ ssl3_setup_read_buffer(SSL *s) | |||
708 | S3I(s)->rbuf.len = len; | 708 | S3I(s)->rbuf.len = len; |
709 | } | 709 | } |
710 | 710 | ||
711 | s->internal->packet = &(S3I(s)->rbuf.buf[0]); | 711 | s->internal->packet = S3I(s)->rbuf.buf; |
712 | return 1; | 712 | return 1; |
713 | 713 | ||
714 | err: | 714 | err: |
@@ -759,18 +759,22 @@ ssl3_setup_buffers(SSL *s) | |||
759 | return 1; | 759 | return 1; |
760 | } | 760 | } |
761 | 761 | ||
762 | int | 762 | void |
763 | ssl3_release_write_buffer(SSL *s) | 763 | ssl3_release_buffer(SSL3_BUFFER_INTERNAL *b) |
764 | { | 764 | { |
765 | free(S3I(s)->wbuf.buf); | 765 | freezero(b->buf, b->len); |
766 | S3I(s)->wbuf.buf = NULL; | 766 | b->buf = NULL; |
767 | return 1; | 767 | b->len = 0; |
768 | } | 768 | } |
769 | 769 | ||
770 | int | 770 | void |
771 | ssl3_release_read_buffer(SSL *s) | 771 | ssl3_release_read_buffer(SSL *s) |
772 | { | 772 | { |
773 | free(S3I(s)->rbuf.buf); | 773 | ssl3_release_buffer(&S3I(s)->rbuf); |
774 | S3I(s)->rbuf.buf = NULL; | 774 | } |
775 | return 1; | 775 | |
776 | void | ||
777 | ssl3_release_write_buffer(SSL *s) | ||
778 | { | ||
779 | ssl3_release_buffer(&S3I(s)->wbuf); | ||
776 | } | 780 | } |
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index a3b8a80572..d4ba7f66d4 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssl_locl.h,v 1.293 2020/09/17 15:23:29 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.294 2020/09/24 17:59:54 jsing Exp $ */ |
2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 | * All rights reserved. | 3 | * All rights reserved. |
4 | * | 4 | * |
@@ -1223,8 +1223,9 @@ int ssl3_setup_buffers(SSL *s); | |||
1223 | int ssl3_setup_init_buffer(SSL *s); | 1223 | int ssl3_setup_init_buffer(SSL *s); |
1224 | int ssl3_setup_read_buffer(SSL *s); | 1224 | int ssl3_setup_read_buffer(SSL *s); |
1225 | int ssl3_setup_write_buffer(SSL *s); | 1225 | int ssl3_setup_write_buffer(SSL *s); |
1226 | int ssl3_release_read_buffer(SSL *s); | 1226 | void ssl3_release_buffer(SSL3_BUFFER_INTERNAL *b); |
1227 | int ssl3_release_write_buffer(SSL *s); | 1227 | void ssl3_release_read_buffer(SSL *s); |
1228 | void ssl3_release_write_buffer(SSL *s); | ||
1228 | int ssl3_new(SSL *s); | 1229 | int ssl3_new(SSL *s); |
1229 | void ssl3_free(SSL *s); | 1230 | void ssl3_free(SSL *s); |
1230 | int ssl3_accept(SSL *s); | 1231 | int ssl3_accept(SSL *s); |