From e022a9e842c3dc852e20ba868c569745cf44336b Mon Sep 17 00:00:00 2001
From: TLINDEN <git@daemon.de>
Date: Fri, 8 Aug 2014 18:40:53 +0200
Subject: [PATCH] fixed memory leaks

---
 libpcp/ed.c      |  3 +++
 libpcp/vault.c   |  4 ++--
 libpcp/z85.c     | 12 +++++++-----
 src/encryption.c | 22 ++++++++++++++++++----
 src/keyprint.c   |  5 +++--
 src/signature.c  |  1 +
 6 files changed, 34 insertions(+), 13 deletions(-)

diff --git a/libpcp/ed.c b/libpcp/ed.c
index e3d2863..1ac87cc 100644
--- a/libpcp/ed.c
+++ b/libpcp/ed.c
@@ -331,6 +331,8 @@ size_t pcp_ed_detachsign_buffered(Pcpstream *in, Pcpstream *out, pcp_key_t *s) {
   char *z85encoded = pcp_z85_encode((byte*)signature, mlen, &zlen, 1);
   ps_print(out, "%s\r\n%s\r\n", z85encoded, PCP_SIG_END);
 
+  free(signature);
+  free(z85encoded);
   free(st);
 
   return outsize;
@@ -355,6 +357,7 @@ pcp_pubkey_t *pcp_ed_detachverify_buffered(PCPCTX *ptx, Pcpstream *in, Pcpstream
   }
 
   crypto_generichash_final(st, hash, crypto_generichash_BYTES_MAX);
+  free(st);
 
   /*  read the sig */
   byte *sig = NULL;
diff --git a/libpcp/vault.c b/libpcp/vault.c
index 7abb63f..0477072 100644
--- a/libpcp/vault.c
+++ b/libpcp/vault.c
@@ -246,8 +246,8 @@ int pcpvault_writeall(PCPCTX *ptx, vault_t *vault) {
       if(pcpvault_copy(ptx, tmp, vault) == 0) {
 	pcpvault_unlink(tmp);
       }
-      free(tmp);
-      buffer_clear(blob);
+      pcpvault_free(tmp);
+      buffer_free(blob);
       return 0;
     }
   }
diff --git a/libpcp/z85.c b/libpcp/z85.c
index ea5e984..87f9a6e 100644
--- a/libpcp/z85.c
+++ b/libpcp/z85.c
@@ -297,7 +297,7 @@ char *pcp_z85_encode(byte *raw, size_t srclen, size_t *dstlen, int doblock) {
 
 char *pcp_readz85file(PCPCTX *ptx, FILE *infile) {
   byte *input = NULL;
-  byte *tmp = NULL;
+  char *out = NULL;
   size_t bufsize = 0;
   byte byte[1];
 
@@ -306,19 +306,21 @@ char *pcp_readz85file(PCPCTX *ptx, FILE *infile) {
       break;
     if(ferror(infile) != 0)
       break;
-    tmp = realloc(input, bufsize + 1);
-    input = tmp;
+    input = realloc(input, bufsize + 1);
     memmove(&input[bufsize], byte, 1);
     bufsize ++;
   }
 
   if(bufsize == 0) {
     fatal(ptx, "Input file is empty!\n");
-    free(tmp);
+    free(input);
     return NULL;
   }
 
-  return pcp_readz85string(ptx, input, bufsize);
+  out = pcp_readz85string(ptx, input, bufsize);
+  free(input);
+
+  return out;
 }
 
 char *pcp_readz85string(PCPCTX *ptx, unsigned char *input, size_t bufsize) {
diff --git a/src/encryption.c b/src/encryption.c
index e5df02b..82535c2 100644
--- a/src/encryption.c
+++ b/src/encryption.c
@@ -74,6 +74,7 @@ int pcpdecrypt(char *id, int useid, char *infile, char *outfile, char *passwd, i
       }
 
       symkey = pcp_scrypt(ptx, passphrase, strlen(passphrase), salt, 90);
+      ucfree(passphrase, strlen(passwd)+1);
       free(salt);
     }
     else if(head == PCP_ASYM_CIPHER || head == PCP_ASYM_CIPHER_SIG) {
@@ -124,10 +125,13 @@ int pcpdecrypt(char *id, int useid, char *infile, char *outfile, char *passwd, i
     goto errde3;
   }
 
-  if(symkey == NULL)
+  if(symkey == NULL) {
     dlen = pcp_decrypt_stream(ptx, pin, pout, secret, NULL, verify);
-  else
+  }
+  else {
     dlen = pcp_decrypt_stream(ptx, pin, pout, NULL, symkey, verify);
+    ucfree(symkey, 64);
+  }
 
   ps_close(pin);
   ps_close(pout);
@@ -142,6 +146,9 @@ int pcpdecrypt(char *id, int useid, char *infile, char *outfile, char *passwd, i
 
 
  errde3:
+  if(symkey != NULL)
+     ucfree(symkey, 64);
+
   return 1;
 }
 
@@ -174,6 +181,7 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, plist_t *rec
     memcpy(salt, stsalt, 90);
     symkey = pcp_scrypt(ptx, passphrase, strlen(passphrase), salt, 90);
     free(salt);
+    ucfree(passphrase, strlen(passwd)+1);
   }
   else if(id != NULL && recipient == NULL) {
     /*  lookup by id */
@@ -282,10 +290,13 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, plist_t *rec
     ps_armor(pout, PCP_BLOCK_SIZE/2);
   }
 
-  if(self == 1)
+  if(self == 1) {
     clen = pcp_encrypt_stream_sym(ptx, pin, pout, symkey, 0, NULL);
-  else
+    ucfree(symkey, 64);
+  }
+  else {
     clen = pcp_encrypt_stream(ptx, pin, pout, secret, pubhash, signcrypt);
+  }
 
   if(armor == 1) {
     ps_finish(pout);
@@ -318,6 +329,9 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, plist_t *rec
  erren2:
   pcphash_cleanpub(pubhash);
 
+  if(symkey != NULL)
+    ucfree(symkey, 64);
+
  erren3:
 
   return 1;
diff --git a/src/keyprint.c b/src/keyprint.c
index 0bb4b26..cf623b0 100644
--- a/src/keyprint.c
+++ b/src/keyprint.c
@@ -64,8 +64,9 @@ int pcptext_infile(char *infile) {
     fprintf(stdout, "%s isn't properly Z85 encoded - unknown file type.\n", infile);
     goto errtinf1;
   }
-
-  /* FIXME: try to import pk or sk */
+  else
+    /* FIXME: try to import pk or sk */
+    free(bin);
 
   /*  still there? */
   fprintf(stdout, "%s looks Z85 encoded but otherwise unknown and is possibly encrypted.\n", infile);
diff --git a/src/signature.c b/src/signature.c
index 358be84..cf62eca 100644
--- a/src/signature.c
+++ b/src/signature.c
@@ -67,6 +67,7 @@ int pcpsign(char *infile, char *outfile, char *passwd, int z85, int detach) {
     }
 
     secret = pcpkey_decrypt(ptx, secret, passphrase);
+    ucfree(passphrase, strlen(passwd)+1);
     if(secret == NULL)
       goto errs1;
   }