fixed memory leaks

2025-12-17 03:50:57 +01:00 · 2014-08-08 18:40:53 +02:00
parent 019df8e4c5
commit e022a9e842
6 changed files with 34 additions and 13 deletions
--- a/libpcp/ed.c
+++ b/libpcp/ed.c
@@ -331,6 +331,8 @@ size_t pcp_ed_detachsign_buffered(Pcpstream *in, Pcpstream *out, pcp_key_t *s) {
  char *z85encoded = pcp_z85_encode((byte*)signature, mlen, &zlen, 1);
  ps_print(out, "%s\r\n%s\r\n", z85encoded, PCP_SIG_END);

+  free(signature);
+  free(z85encoded);
  free(st);

  return outsize;
@@ -355,6 +357,7 @@ pcp_pubkey_t *pcp_ed_detachverify_buffered(PCPCTX *ptx, Pcpstream *in, Pcpstream
  }

  crypto_generichash_final(st, hash, crypto_generichash_BYTES_MAX);
+  free(st);

  /*  read the sig */
  byte *sig = NULL;
--- a/libpcp/vault.c
+++ b/libpcp/vault.c
@@ -246,8 +246,8 @@ int pcpvault_writeall(PCPCTX *ptx, vault_t *vault) {
      if(pcpvault_copy(ptx, tmp, vault) == 0) {
 	pcpvault_unlink(tmp);
      }
-      free(tmp);
-      buffer_clear(blob);
+      pcpvault_free(tmp);
+      buffer_free(blob);
      return 0;
    }
  }
--- a/libpcp/z85.c
+++ b/libpcp/z85.c
@@ -297,7 +297,7 @@ char *pcp_z85_encode(byte *raw, size_t srclen, size_t *dstlen, int doblock) {

 char *pcp_readz85file(PCPCTX *ptx, FILE *infile) {
  byte *input = NULL;
-  byte *tmp = NULL;
+  char *out = NULL;
  size_t bufsize = 0;
  byte byte[1];

@@ -306,19 +306,21 @@ char *pcp_readz85file(PCPCTX *ptx, FILE *infile) {
      break;
    if(ferror(infile) != 0)
      break;
-    tmp = realloc(input, bufsize + 1);
-    input = tmp;
+    input = realloc(input, bufsize + 1);
    memmove(&input[bufsize], byte, 1);
    bufsize ++;
  }

  if(bufsize == 0) {
    fatal(ptx, "Input file is empty!\n");
-    free(tmp);
+    free(input);
    return NULL;
  }

-  return pcp_readz85string(ptx, input, bufsize);
+  out = pcp_readz85string(ptx, input, bufsize);
+  free(input);
+
+  return out;
 }

 char *pcp_readz85string(PCPCTX *ptx, unsigned char *input, size_t bufsize) {
--- a/src/encryption.c
+++ b/src/encryption.c
@@ -74,6 +74,7 @@ int pcpdecrypt(char *id, int useid, char *infile, char *outfile, char *passwd, i
      }

      symkey = pcp_scrypt(ptx, passphrase, strlen(passphrase), salt, 90);
+      ucfree(passphrase, strlen(passwd)+1);
      free(salt);
    }
    else if(head == PCP_ASYM_CIPHER || head == PCP_ASYM_CIPHER_SIG) {
@@ -124,10 +125,13 @@ int pcpdecrypt(char *id, int useid, char *infile, char *outfile, char *passwd, i
    goto errde3;
  }

-  if(symkey == NULL)
+  if(symkey == NULL) {
    dlen = pcp_decrypt_stream(ptx, pin, pout, secret, NULL, verify);
-  else
+  }
+  else {
    dlen = pcp_decrypt_stream(ptx, pin, pout, NULL, symkey, verify);
+    ucfree(symkey, 64);
+  }

  ps_close(pin);
  ps_close(pout);
@@ -142,6 +146,9 @@ int pcpdecrypt(char *id, int useid, char *infile, char *outfile, char *passwd, i


 errde3:
+  if(symkey != NULL)
+     ucfree(symkey, 64);
+
  return 1;
 }

@@ -174,6 +181,7 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, plist_t *rec
    memcpy(salt, stsalt, 90);
    symkey = pcp_scrypt(ptx, passphrase, strlen(passphrase), salt, 90);
    free(salt);
+    ucfree(passphrase, strlen(passwd)+1);
  }
  else if(id != NULL && recipient == NULL) {
    /*  lookup by id */
@@ -282,10 +290,13 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, plist_t *rec
    ps_armor(pout, PCP_BLOCK_SIZE/2);
  }

-  if(self == 1)
+  if(self == 1) {
    clen = pcp_encrypt_stream_sym(ptx, pin, pout, symkey, 0, NULL);
-  else
+    ucfree(symkey, 64);
+  }
+  else {
    clen = pcp_encrypt_stream(ptx, pin, pout, secret, pubhash, signcrypt);
+  }

  if(armor == 1) {
    ps_finish(pout);
@@ -318,6 +329,9 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, plist_t *rec
 erren2:
  pcphash_cleanpub(pubhash);

+  if(symkey != NULL)
+    ucfree(symkey, 64);
+
 erren3:

  return 1;
--- a/src/keyprint.c
+++ b/src/keyprint.c
@@ -64,8 +64,9 @@ int pcptext_infile(char *infile) {
    fprintf(stdout, "%s isn't properly Z85 encoded - unknown file type.\n", infile);
    goto errtinf1;
  }
-
-  /* FIXME: try to import pk or sk */
+  else
+    /* FIXME: try to import pk or sk */
+    free(bin);

  /*  still there? */
  fprintf(stdout, "%s looks Z85 encoded but otherwise unknown and is possibly encrypted.\n", infile);
--- a/src/signature.c
+++ b/src/signature.c
@@ -67,6 +67,7 @@ int pcpsign(char *infile, char *outfile, char *passwd, int z85, int detach) {
    }

    secret = pcpkey_decrypt(ptx, secret, passphrase);
+    ucfree(passphrase, strlen(passwd)+1);
    if(secret == NULL)
      goto errs1;
  }