From 4251a362b52afab1195135f4ced7bd0c8f5ec970 Mon Sep 17 00:00:00 2001 From: Frank Morgner Date: Fri, 4 Aug 2017 07:08:52 +0200 Subject: [PATCH] fixed potential memory leak --- src/common/simclist.c | 6 ++++ src/libopensc/pkcs15-sc-hsm.c | 2 +- src/libopensc/pkcs15.c | 6 ++-- src/pkcs11/mechanism.c | 11 ++++++-- src/pkcs15init/pkcs15-lib.c | 9 ++++-- src/pkcs15init/pkcs15-oberthur-awp.c | 41 ++++++++++++++-------------- src/scconf/parse.c | 1 + 7 files changed, 48 insertions(+), 28 deletions(-) diff --git a/src/common/simclist.c b/src/common/simclist.c index c8e87cca..e22c2367 100644 --- a/src/common/simclist.c +++ b/src/common/simclist.c @@ -489,6 +489,12 @@ int list_insert_at(list_t *simclist_restrict l, const void *data, unsigned int p /* actually append element */ prec = list_findpos(l, pos-1); if (prec == NULL) { + if (l->attrs.copy_data) { + free(lent->data); + } + if (!(l->spareelsnum > 0)) { + free(lent); + } return -1; } succ = prec->next; diff --git a/src/libopensc/pkcs15-sc-hsm.c b/src/libopensc/pkcs15-sc-hsm.c index dd428fac..0a7d4c2d 100644 --- a/src/libopensc/pkcs15-sc-hsm.c +++ b/src/libopensc/pkcs15-sc-hsm.c @@ -191,7 +191,7 @@ static int read_file(sc_pkcs15_card_t * p15card, u8 fid[2], path.aid = sc_hsm_aid; /* we don't have a pre-known size of the file */ path.count = -1; - if (!p15card->opts.use_file_cache + if (!p15card->opts.use_file_cache || !efbin || SC_SUCCESS != sc_pkcs15_read_cached_file(p15card, &path, &efbin, len)) { /* avoid re-selection of SC-HSM */ path.aid.len = 0; diff --git a/src/libopensc/pkcs15.c b/src/libopensc/pkcs15.c index d136021b..c520cd50 100644 --- a/src/libopensc/pkcs15.c +++ b/src/libopensc/pkcs15.c @@ -2362,7 +2362,8 @@ sc_pkcs15_read_file(struct sc_pkcs15_card *p15card, const struct sc_path *in_pat if (r) { r = sc_lock(p15card->card); - LOG_TEST_RET(ctx, r, "sc_lock() failed"); + if (r) + goto fail; r = sc_select_file(p15card->card, in_path, &file); if (r) goto fail_unlock; @@ -2442,9 +2443,10 @@ sc_pkcs15_read_file(struct sc_pkcs15_card *p15card, const struct sc_path *in_pat LOG_FUNC_RETURN(ctx, SC_SUCCESS); fail_unlock: + sc_unlock(p15card->card); +fail: free(data); sc_file_free(file); - sc_unlock(p15card->card); LOG_FUNC_RETURN(ctx, r); } diff --git a/src/pkcs11/mechanism.c b/src/pkcs11/mechanism.c index f3ab284a..9082d37a 100644 --- a/src/pkcs11/mechanism.c +++ b/src/pkcs11/mechanism.c @@ -1041,6 +1041,7 @@ sc_pkcs11_register_sign_and_hash_mechanism(struct sc_pkcs11_card *p11card, sc_pkcs11_mechanism_type_t *hash_type, *new_type; struct hash_signature_info *info; CK_MECHANISM_INFO mech_info = sign_type->mech_info; + CK_RV rv; if (!(hash_type = sc_pkcs11_find_mechanism(p11card, hash_mech, CKF_DIGEST))) return CKR_MECHANISM_INVALID; @@ -1060,9 +1061,15 @@ sc_pkcs11_register_sign_and_hash_mechanism(struct sc_pkcs11_card *p11card, new_type = sc_pkcs11_new_fw_mechanism(mech, &mech_info, sign_type->key_type, info, free_info); if (!new_type) { - free(info); + free_info(info); return CKR_HOST_MEMORY; } - return sc_pkcs11_register_mechanism(p11card, new_type); + rv = sc_pkcs11_register_mechanism(p11card, new_type); + if (CKR_OK != rv) { + new_type->free_mech_data(new_type->mech_data); + free(new_type); + } + + return rv; } diff --git a/src/pkcs15init/pkcs15-lib.c b/src/pkcs15init/pkcs15-lib.c index 5dfe2be6..52544f13 100644 --- a/src/pkcs15init/pkcs15-lib.c +++ b/src/pkcs15init/pkcs15-lib.c @@ -903,11 +903,16 @@ sc_pkcs15init_add_app(struct sc_card *card, struct sc_profile *profile, r = sc_pkcs15init_add_object(p15card, profile, SC_PKCS15_AODF, pin_obj); if (r >= 0) { r = sc_pkcs15init_update_dir(p15card, profile, app); - if (r >= 0) + if (r >= 0) { r = sc_pkcs15init_update_tokeninfo(p15card, profile); - /* FIXME: what to do if sc_pkcs15init_update_dir failed? */ + } else { + /* FIXME: what to do if sc_pkcs15init_update_dir failed? */ + free(app->label); + free(app); /* unused */ + } } else { + free(app->label); free(app); /* unused */ } diff --git a/src/pkcs15init/pkcs15-oberthur-awp.c b/src/pkcs15init/pkcs15-oberthur-awp.c index f55f3d33..7589d146 100644 --- a/src/pkcs15init/pkcs15-oberthur-awp.c +++ b/src/pkcs15init/pkcs15-oberthur-awp.c @@ -831,12 +831,9 @@ done: static void awp_free_key_info(struct awp_key_info *ki) { - if (ki->modulus.value) - free(ki->modulus.value); - if (ki->exponent.value) - free(ki->exponent.value); - if (ki->id.value) - free(ki->id.value); + free(ki->modulus.value); + free(ki->exponent.value); + free(ki->id.value); } @@ -1072,22 +1069,24 @@ done: static void awp_free_cert_info(struct awp_cert_info *ci) { - if (ci->cn.len && ci->cn.value) - free(ci->cn.value); + if (ci) { + if (ci->cn.len && ci->cn.value) + free(ci->cn.value); - if (ci->id.len && ci->id.value) - free(ci->id.value); + if (ci->id.len && ci->id.value) + free(ci->id.value); - if (ci->subject.len && ci->subject.value) - free(ci->subject.value); + if (ci->subject.len && ci->subject.value) + free(ci->subject.value); - if (ci->issuer.len && ci->issuer.value) - free(ci->issuer.value); + if (ci->issuer.len && ci->issuer.value) + free(ci->issuer.value); - if (ci->x509) - X509_free(ci->x509); + if (ci->x509) + X509_free(ci->x509); - memset(ci,0,sizeof(struct awp_cert_info)); + memset(ci,0,sizeof(struct awp_cert_info)); + } } @@ -1495,8 +1494,8 @@ err: sc_file_free(info_file); if (cert_obj) awp_free_cert_info(&icert); - awp_free_key_info(&ikey); + SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, rv); } @@ -1521,6 +1520,8 @@ awp_update_df_create_pubkey(struct sc_pkcs15_card *p15card, struct sc_profile *p index = path.value[path.len-1] & 0xFF; obj_id = (path.value[path.len-1] & 0xFF) + (path.value[path.len-2] & 0xFF) * 0x100; + memset(&ikey, 0, sizeof(ikey)); + rv = awp_new_file(p15card, profile, obj->type, index, &info_file, NULL); SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_NORMAL, rv, "New public key info file error"); @@ -1530,7 +1531,6 @@ awp_update_df_create_pubkey(struct sc_pkcs15_card *p15card, struct sc_profile *p rv = sc_pkcs15_decode_pubkey(ctx, &pubkey, der.value, der.len); SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_NORMAL, rv, "AWP 'update public key' DF failed: decode public key error"); - memset(&ikey, 0, sizeof(ikey)); rv = awp_encode_key_info(p15card, obj, &pubkey.u.rsa, &ikey); SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_NORMAL, rv, "AWP 'update public key' DF failed: encode info error"); @@ -1543,9 +1543,8 @@ awp_update_df_create_pubkey(struct sc_pkcs15_card *p15card, struct sc_profile *p rv = awp_update_container(p15card, profile, obj->type, &ikey.id, obj_id, NULL); SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_NORMAL, rv, "AWP 'update public key' DF failed: update container error"); - awp_free_key_info(&ikey); - err: + awp_free_key_info(&ikey); sc_file_free(info_file); SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, rv); } diff --git a/src/scconf/parse.c b/src/scconf/parse.c index c8bf1419..b32f0e8e 100644 --- a/src/scconf/parse.c +++ b/src/scconf/parse.c @@ -166,6 +166,7 @@ scconf_item *scconf_item_add(scconf_context * config, scconf_block * block, scco } } else { /* FIXME is it an error if item is NULL? */ + free(parser.key); } return parser.current_item; }