提交 3eb70c5e 编写于 作者: F FdaSilvaYY 提交者: Kurt Roeckx

Fix possible memory leak on BUF_MEM_grow_clean failure

Simplify BUF_MEM init. code
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #580
上级 642a6138
...@@ -668,7 +668,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, ...@@ -668,7 +668,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
long plen; long plen;
char cst, inf, free_cont = 0; char cst, inf, free_cont = 0;
const unsigned char *p; const unsigned char *p;
BUF_MEM buf = { 0 }; BUF_MEM buf = { 0, NULL, 0, 0 };
const unsigned char *cont = NULL; const unsigned char *cont = NULL;
long len; long len;
if (!pval) { if (!pval) {
...@@ -744,7 +744,6 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, ...@@ -744,7 +744,6 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
} else { } else {
len = p - cont + plen; len = p - cont + plen;
p += plen; p += plen;
buf.data = NULL;
} }
} else if (cst) { } else if (cst) {
if (utype == V_ASN1_NULL || utype == V_ASN1_BOOLEAN if (utype == V_ASN1_NULL || utype == V_ASN1_BOOLEAN
...@@ -753,9 +752,9 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, ...@@ -753,9 +752,9 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_PRIMITIVE); ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_PRIMITIVE);
return 0; return 0;
} }
buf.length = 0;
buf.max = 0; /* Free any returned 'buf' content */
buf.data = NULL; free_cont = 1;
/* /*
* Should really check the internal tags are correct but some things * Should really check the internal tags are correct but some things
* may get this wrong. The relevant specs say that constructed string * may get this wrong. The relevant specs say that constructed string
...@@ -763,18 +762,16 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, ...@@ -763,18 +762,16 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
* So instead just check for UNIVERSAL class and ignore the tag. * So instead just check for UNIVERSAL class and ignore the tag.
*/ */
if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0)) { if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0)) {
free_cont = 1;
goto err; goto err;
} }
len = buf.length; len = buf.length;
/* Append a final null to string */ /* Append a final null to string */
if (!BUF_MEM_grow_clean(&buf, len + 1)) { if (!BUF_MEM_grow_clean(&buf, len + 1)) {
ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
return 0; goto err;
} }
buf.data[len] = 0; buf.data[len] = 0;
cont = (const unsigned char *)buf.data; cont = (const unsigned char *)buf.data;
free_cont = 1;
} else { } else {
cont = p; cont = p;
len = plen; len = plen;
...@@ -782,6 +779,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, ...@@ -782,6 +779,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
} }
/* We now have content length and type: translate into a structure */ /* We now have content length and type: translate into a structure */
/* asn1_ex_c2i may reuse allocated buffer, and so sets free_cont to 0 */
if (!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it)) if (!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it))
goto err; goto err;
......
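Review bot: In the constructed (`cst`) branch of asn1_d2i_ex_primitive, `free_cont = 1` now appears to be set before `asn1_collect()` has allocated anything (reading the right-hand column as the new side), so every later `goto err` relies on `buf.data` being either NULL or a live allocation, and the comment `/* Free any returned 'buf' content */` does not state that invariant. I would reword it to `/* buf is owned by this function from here on: err must free buf.data unless asn1_ex_c2i() clears free_cont */`. The `err:` label and the free it performs are outside the visible hunks, so it is worth confirming that it releases `buf.data` exactly once, including the case where `asn1_ex_c2i()` fails after it has already taken the buffer and zeroed `free_cont`. The positional initializer `{ 0, NULL, 0, 0 }` also ties the NULL-on-entry guarantee to BUF_MEM's field order, which a short comment naming the fields would make explicit.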