提交 a8236c8c 编写于 作者: D Dr. Stephen Henson

Fix various memory leaks in SSL, apps and DSA

上级 1750ebcb
......@@ -5,9 +5,15 @@
Changes between 0.9.1c and 0.9.2
*) Run extensive memory leak checks on SSL apps. Fixed *lots* of memory
leaks in ssl/ relating to new X509_get_pubkey() behaviour. Also fixes
in apps/ and an unrellated leak in crypto/dsa/dsa_vrf.c
[Steve Henson]
*) Support for RAW extensions where an arbitrary extension can be
created by including its DER encoding. See apps/openssl.cnf for
an example.
[Steve Henson]
*) Make sure latest Perl versions don't interpret some generated C array
code as Perl array code in the crypto/err/err_genc.pl script.
......
......@@ -156,9 +156,13 @@ char *key_file;
ssl=SSL_new(ctx);
x509=SSL_get_certificate(ssl);
if (x509 != NULL)
EVP_PKEY_copy_parameters(X509_get_pubkey(x509),
SSL_get_privatekey(ssl));
if (x509 != NULL) {
EVP_PKEY *pktmp;
pktmp = X509_get_pubkey(x509);
EVP_PKEY_copy_parameters(pktmp,
SSL_get_privatekey(ssl));
EVP_PKEY_free(pktmp);
}
SSL_free(ssl);
*/
......
......@@ -743,9 +743,13 @@ int full;
BIO_printf(bio,"%s, Cipher is %s\n",
SSL_CIPHER_get_version(c),
SSL_CIPHER_get_name(c));
if (peer != NULL)
if (peer != NULL) {
EVP_PKEY *pktmp;
pktmp = X509_get_pubkey(peer);
BIO_printf(bio,"Server public key is %d bit\n",
EVP_PKEY_bits(X509_get_pubkey(peer)));
EVP_PKEY_bits(pktmp));
EVP_PKEY_free(pktmp);
}
SSL_SESSION_print(bio,SSL_get_session(s));
BIO_printf(bio,"---\n");
if (peer != NULL)
......
......@@ -770,8 +770,12 @@ int full;
SSL_CIPHER_get_version(c),
SSL_CIPHER_get_name(c));
if (peer != NULL)
{
EVP_PKEY *pktmp;
BIO_printf(bio,"Server public key is %d bit\n",
EVP_PKEY_bits(X509_get_pubkey(peer)));
EVP_PKEY_bits(pktmp));
EVP_PKEY_free(pktmp);
}
SSL_SESSION_print(bio,SSL_get_session(s));
BIO_printf(bio,"---\n");
if (peer != NULL)
......
......@@ -91,7 +91,6 @@ DSA *dsa;
int ret = -1;
if ((ctx=BN_CTX_new()) == NULL) goto err;
if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
BN_init(&u1);
BN_init(&u2);
......
......@@ -953,8 +953,9 @@ unsigned char *data;
goto err;
ret=1;
err:
if (sk != NULL) sk_free(sk);
if (x509 != NULL) X509_free(x509);
sk_free(sk);
X509_free(x509);
EVP_PKEY_free(pkey);
return(ret);
}
......@@ -985,6 +986,7 @@ int padding;
if (i < 0)
SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,ERR_R_RSA_LIB);
end:
EVP_PKEY_free(pkey);
return(i);
}
......@@ -910,6 +910,7 @@ SSL *s;
pkey=X509_get_pubkey(x509);
if (pkey == NULL) goto end;
i=EVP_VerifyFinal(&ctx,p,s->s2->tmp.rlen,pkey);
EVP_PKEY_free(pkey);
memset(&ctx,0,sizeof(ctx));
if (i)
......@@ -933,8 +934,8 @@ msg_end:
ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE);
}
end:
if (sk != NULL) sk_free(sk);
if (x509 != NULL) X509_free(x509);
sk_free(sk);
X509_free(x509);
return(ret);
}
......
......@@ -404,6 +404,7 @@ EVP_PKEY *pkey;
ret= -1;
err:
if(!pkey) EVP_PKEY_free(pk);
return(ret);
}
......
......@@ -814,8 +814,9 @@ f_err:
ssl3_send_alert(s,SSL3_AL_FATAL,al);
}
err:
if (x != NULL) X509_free(x);
if (sk != NULL) sk_pop_free(sk,X509_free);
EVP_PKEY_free(pkey);
X509_free(x);
sk_pop_free(sk,X509_free);
return(ret);
}
......@@ -1103,11 +1104,12 @@ SSL *s;
goto f_err;
}
}
EVP_PKEY_free(pkey);
return(1);
f_err:
ssl3_send_alert(s,SSL3_AL_FATAL,al);
err:
EVP_PKEY_free(pkey);
return(-1);
}
......@@ -1622,6 +1624,7 @@ SSL *s;
idx=c->cert_type;
pkey=X509_get_pubkey(c->pkeys[idx].x509);
i=X509_certificate_type(c->pkeys[idx].x509,pkey);
EVP_PKEY_free(pkey);
/* Check that we have a certificate if we require one */
......
......@@ -1510,6 +1510,7 @@ f_err:
ssl3_send_alert(s,SSL3_AL_FATAL,al);
}
end:
EVP_PKEY_free(pkey);
return(ret);
}
......
......@@ -229,8 +229,10 @@ EVP_PKEY *pkey;
if (c->pkeys[i].x509 != NULL)
{
EVP_PKEY_copy_parameters(
X509_get_pubkey(c->pkeys[i].x509),pkey);
EVP_PKEY *pktmp;
pktmp = X509_get_pubkey(c->pkeys[i].x509);
EVP_PKEY_copy_parameters(pktmp,pkey);
EVP_PKEY_free(pktmp);
ERR_clear_error();
#ifndef NO_RSA
......@@ -503,6 +505,7 @@ X509 *x;
if (i < 0)
{
SSLerr(SSL_F_SSL_SET_CERT,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
EVP_PKEY_free(pkey);
return(0);
}
......@@ -549,6 +552,7 @@ X509 *x;
else
ok=1;
EVP_PKEY_free(pkey);
if (bad)
{
EVP_PKEY_free(c->pkeys[i].privatekey);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册