From be0fb4329cddeefa911490f2b43cba7e095d4112 Mon Sep 17 00:00:00 2001 From: jsg <> Date: Thu, 17 Apr 2014 17:30:22 +0000 Subject: fix some of the leaks ok miod@ looks good deraadt@ --- src/lib/libcrypto/asn1/asn_mime.c | 8 ++++++-- src/lib/libcrypto/ocsp/ocsp_ht.c | 14 +++++++++++--- src/lib/libcrypto/pem/pvkfmt.c | 4 +++- src/lib/libcrypto/x509/x509_lu.c | 4 +++- src/lib/libssl/src/crypto/asn1/asn_mime.c | 8 ++++++-- src/lib/libssl/src/crypto/ocsp/ocsp_ht.c | 14 +++++++++++--- src/lib/libssl/src/crypto/pem/pvkfmt.c | 4 +++- src/lib/libssl/src/crypto/x509/x509_lu.c | 4 +++- 8 files changed, 46 insertions(+), 14 deletions(-) (limited to 'src/lib') diff --git a/src/lib/libcrypto/asn1/asn_mime.c b/src/lib/libcrypto/asn1/asn_mime.c index d94b3cd6f8..3de73fdb1e 100644 --- a/src/lib/libcrypto/asn1/asn_mime.c +++ b/src/lib/libcrypto/asn1/asn_mime.c @@ -823,10 +823,14 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value) } } else tmpval = NULL; mhdr = (MIME_HEADER *) malloc(sizeof(MIME_HEADER)); - if(!mhdr) return NULL; + if (!mhdr) + return NULL; mhdr->name = tmpname; mhdr->value = tmpval; - if(!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) return NULL; + if (!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) { + free(mhdr); + return NULL; + } return mhdr; } diff --git a/src/lib/libcrypto/ocsp/ocsp_ht.c b/src/lib/libcrypto/ocsp/ocsp_ht.c index 17b252d6a8..0fa23b027b 100644 --- a/src/lib/libcrypto/ocsp/ocsp_ht.c +++ b/src/lib/libcrypto/ocsp/ocsp_ht.c @@ -167,16 +167,24 @@ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, else rctx->iobuflen = OCSP_MAX_LINE_LEN; rctx->iobuf = malloc(rctx->iobuflen); - if (!rctx->iobuf) + if (!rctx->iobuf) { + free(rctx); return 0; + } if (!path) path = "/"; - if (BIO_printf(rctx->mem, post_hdr, path) <= 0) + if (BIO_printf(rctx->mem, post_hdr, path) <= 0) { + free(rctx->iobuf); + free(rctx); return 0; + } - if (req && !OCSP_REQ_CTX_set1_req(rctx, req)) + if (req && !OCSP_REQ_CTX_set1_req(rctx, req)) { + free(rctx->iobuf); + free(rctx); return 0; + } return rctx; } diff --git a/src/lib/libcrypto/pem/pvkfmt.c b/src/lib/libcrypto/pem/pvkfmt.c index 8da8e77973..59af2020ab 100644 --- a/src/lib/libcrypto/pem/pvkfmt.c +++ b/src/lib/libcrypto/pem/pvkfmt.c @@ -753,8 +753,10 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in, return NULL; } if (!derive_pvk_key(keybuf, p, saltlen, - (unsigned char *)psbuf, inlen)) + (unsigned char *)psbuf, inlen)) { + free(enctmp); return NULL; + } p += saltlen; /* Copy BLOBHEADER across, decrypt rest */ memcpy(enctmp, p, 8); diff --git a/src/lib/libcrypto/x509/x509_lu.c b/src/lib/libcrypto/x509/x509_lu.c index 644ea83bac..cbbe8e86f8 100644 --- a/src/lib/libcrypto/x509/x509_lu.c +++ b/src/lib/libcrypto/x509/x509_lu.c @@ -187,8 +187,10 @@ X509_STORE *X509_STORE_new(void) ret->verify=0; ret->verify_cb=0; - if ((ret->param = X509_VERIFY_PARAM_new()) == NULL) + if ((ret->param = X509_VERIFY_PARAM_new()) == NULL) { + free(ret); return NULL; + } ret->get_issuer = 0; ret->check_issued = 0; diff --git a/src/lib/libssl/src/crypto/asn1/asn_mime.c b/src/lib/libssl/src/crypto/asn1/asn_mime.c index d94b3cd6f8..3de73fdb1e 100644 --- a/src/lib/libssl/src/crypto/asn1/asn_mime.c +++ b/src/lib/libssl/src/crypto/asn1/asn_mime.c @@ -823,10 +823,14 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value) } } else tmpval = NULL; mhdr = (MIME_HEADER *) malloc(sizeof(MIME_HEADER)); - if(!mhdr) return NULL; + if (!mhdr) + return NULL; mhdr->name = tmpname; mhdr->value = tmpval; - if(!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) return NULL; + if (!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) { + free(mhdr); + return NULL; + } return mhdr; } diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_ht.c b/src/lib/libssl/src/crypto/ocsp/ocsp_ht.c index 17b252d6a8..0fa23b027b 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp_ht.c +++ b/src/lib/libssl/src/crypto/ocsp/ocsp_ht.c @@ -167,16 +167,24 @@ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, else rctx->iobuflen = OCSP_MAX_LINE_LEN; rctx->iobuf = malloc(rctx->iobuflen); - if (!rctx->iobuf) + if (!rctx->iobuf) { + free(rctx); return 0; + } if (!path) path = "/"; - if (BIO_printf(rctx->mem, post_hdr, path) <= 0) + if (BIO_printf(rctx->mem, post_hdr, path) <= 0) { + free(rctx->iobuf); + free(rctx); return 0; + } - if (req && !OCSP_REQ_CTX_set1_req(rctx, req)) + if (req && !OCSP_REQ_CTX_set1_req(rctx, req)) { + free(rctx->iobuf); + free(rctx); return 0; + } return rctx; } diff --git a/src/lib/libssl/src/crypto/pem/pvkfmt.c b/src/lib/libssl/src/crypto/pem/pvkfmt.c index 8da8e77973..59af2020ab 100644 --- a/src/lib/libssl/src/crypto/pem/pvkfmt.c +++ b/src/lib/libssl/src/crypto/pem/pvkfmt.c @@ -753,8 +753,10 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in, return NULL; } if (!derive_pvk_key(keybuf, p, saltlen, - (unsigned char *)psbuf, inlen)) + (unsigned char *)psbuf, inlen)) { + free(enctmp); return NULL; + } p += saltlen; /* Copy BLOBHEADER across, decrypt rest */ memcpy(enctmp, p, 8); diff --git a/src/lib/libssl/src/crypto/x509/x509_lu.c b/src/lib/libssl/src/crypto/x509/x509_lu.c index 644ea83bac..cbbe8e86f8 100644 --- a/src/lib/libssl/src/crypto/x509/x509_lu.c +++ b/src/lib/libssl/src/crypto/x509/x509_lu.c @@ -187,8 +187,10 @@ X509_STORE *X509_STORE_new(void) ret->verify=0; ret->verify_cb=0; - if ((ret->param = X509_VERIFY_PARAM_new()) == NULL) + if ((ret->param = X509_VERIFY_PARAM_new()) == NULL) { + free(ret); return NULL; + } ret->get_issuer = 0; ret->check_issued = 0; -- cgit v1.2.3-55-g6feb