From 64b5e5f5e7d186d40ae28289fc0a305e487ccd01 Mon Sep 17 00:00:00 2001 From: jsg Date: Thu, 17 Apr 2014 17:30:22 +0000 Subject: [PATCH] fix some of the leaks ok miod@ looks good deraadt@ --- lib/libcrypto/asn1/asn_mime.c | 8 ++++++-- lib/libcrypto/ocsp/ocsp_ht.c | 14 +++++++++++--- lib/libcrypto/pem/pvkfmt.c | 4 +++- lib/libcrypto/x509/x509_lu.c | 4 +++- lib/libssl/src/crypto/asn1/asn_mime.c | 8 ++++++-- lib/libssl/src/crypto/ocsp/ocsp_ht.c | 14 +++++++++++--- lib/libssl/src/crypto/pem/pvkfmt.c | 4 +++- lib/libssl/src/crypto/x509/x509_lu.c | 4 +++- 8 files changed, 46 insertions(+), 14 deletions(-) diff --git a/lib/libcrypto/asn1/asn_mime.c b/lib/libcrypto/asn1/asn_mime.c index d94b3cd6f84..3de73fdb1ef 100644 --- a/lib/libcrypto/asn1/asn_mime.c +++ b/lib/libcrypto/asn1/asn_mime.c @@ -823,10 +823,14 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value) } } else tmpval = NULL; mhdr = (MIME_HEADER *) malloc(sizeof(MIME_HEADER)); - if(!mhdr) return NULL; + if (!mhdr) + return NULL; mhdr->name = tmpname; mhdr->value = tmpval; - if(!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) return NULL; + if (!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) { + free(mhdr); + return NULL; + } return mhdr; } diff --git a/lib/libcrypto/ocsp/ocsp_ht.c b/lib/libcrypto/ocsp/ocsp_ht.c index 17b252d6a86..0fa23b027b5 100644 --- a/lib/libcrypto/ocsp/ocsp_ht.c +++ b/lib/libcrypto/ocsp/ocsp_ht.c @@ -167,16 +167,24 @@ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, else rctx->iobuflen = OCSP_MAX_LINE_LEN; rctx->iobuf = malloc(rctx->iobuflen); - if (!rctx->iobuf) + if (!rctx->iobuf) { + free(rctx); return 0; + } if (!path) path = "/"; - if (BIO_printf(rctx->mem, post_hdr, path) <= 0) + if (BIO_printf(rctx->mem, post_hdr, path) <= 0) { + free(rctx->iobuf); + free(rctx); return 0; + } - if (req && !OCSP_REQ_CTX_set1_req(rctx, req)) + if (req && !OCSP_REQ_CTX_set1_req(rctx, req)) { + free(rctx->iobuf); + free(rctx); return 0; + } return rctx; } diff --git a/lib/libcrypto/pem/pvkfmt.c b/lib/libcrypto/pem/pvkfmt.c index 8da8e77973c..59af2020ab8 100644 --- a/lib/libcrypto/pem/pvkfmt.c +++ b/lib/libcrypto/pem/pvkfmt.c @@ -753,8 +753,10 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in, return NULL; } if (!derive_pvk_key(keybuf, p, saltlen, - (unsigned char *)psbuf, inlen)) + (unsigned char *)psbuf, inlen)) { + free(enctmp); return NULL; + } p += saltlen; /* Copy BLOBHEADER across, decrypt rest */ memcpy(enctmp, p, 8); diff --git a/lib/libcrypto/x509/x509_lu.c b/lib/libcrypto/x509/x509_lu.c index 644ea83bace..cbbe8e86f86 100644 --- a/lib/libcrypto/x509/x509_lu.c +++ b/lib/libcrypto/x509/x509_lu.c @@ -187,8 +187,10 @@ X509_STORE *X509_STORE_new(void) ret->verify=0; ret->verify_cb=0; - if ((ret->param = X509_VERIFY_PARAM_new()) == NULL) + if ((ret->param = X509_VERIFY_PARAM_new()) == NULL) { + free(ret); return NULL; + } ret->get_issuer = 0; ret->check_issued = 0; diff --git a/lib/libssl/src/crypto/asn1/asn_mime.c b/lib/libssl/src/crypto/asn1/asn_mime.c index d94b3cd6f84..3de73fdb1ef 100644 --- a/lib/libssl/src/crypto/asn1/asn_mime.c +++ b/lib/libssl/src/crypto/asn1/asn_mime.c @@ -823,10 +823,14 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value) } } else tmpval = NULL; mhdr = (MIME_HEADER *) malloc(sizeof(MIME_HEADER)); - if(!mhdr) return NULL; + if (!mhdr) + return NULL; mhdr->name = tmpname; mhdr->value = tmpval; - if(!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) return NULL; + if (!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) { + free(mhdr); + return NULL; + } return mhdr; } diff --git a/lib/libssl/src/crypto/ocsp/ocsp_ht.c b/lib/libssl/src/crypto/ocsp/ocsp_ht.c index 17b252d6a86..0fa23b027b5 100644 --- a/lib/libssl/src/crypto/ocsp/ocsp_ht.c +++ b/lib/libssl/src/crypto/ocsp/ocsp_ht.c @@ -167,16 +167,24 @@ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, else rctx->iobuflen = OCSP_MAX_LINE_LEN; rctx->iobuf = malloc(rctx->iobuflen); - if (!rctx->iobuf) + if (!rctx->iobuf) { + free(rctx); return 0; + } if (!path) path = "/"; - if (BIO_printf(rctx->mem, post_hdr, path) <= 0) + if (BIO_printf(rctx->mem, post_hdr, path) <= 0) { + free(rctx->iobuf); + free(rctx); return 0; + } - if (req && !OCSP_REQ_CTX_set1_req(rctx, req)) + if (req && !OCSP_REQ_CTX_set1_req(rctx, req)) { + free(rctx->iobuf); + free(rctx); return 0; + } return rctx; } diff --git a/lib/libssl/src/crypto/pem/pvkfmt.c b/lib/libssl/src/crypto/pem/pvkfmt.c index 8da8e77973c..59af2020ab8 100644 --- a/lib/libssl/src/crypto/pem/pvkfmt.c +++ b/lib/libssl/src/crypto/pem/pvkfmt.c @@ -753,8 +753,10 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in, return NULL; } if (!derive_pvk_key(keybuf, p, saltlen, - (unsigned char *)psbuf, inlen)) + (unsigned char *)psbuf, inlen)) { + free(enctmp); return NULL; + } p += saltlen; /* Copy BLOBHEADER across, decrypt rest */ memcpy(enctmp, p, 8); diff --git a/lib/libssl/src/crypto/x509/x509_lu.c b/lib/libssl/src/crypto/x509/x509_lu.c index 644ea83bace..cbbe8e86f86 100644 --- a/lib/libssl/src/crypto/x509/x509_lu.c +++ b/lib/libssl/src/crypto/x509/x509_lu.c @@ -187,8 +187,10 @@ X509_STORE *X509_STORE_new(void) ret->verify=0; ret->verify_cb=0; - if ((ret->param = X509_VERIFY_PARAM_new()) == NULL) + if ((ret->param = X509_VERIFY_PARAM_new()) == NULL) { + free(ret); return NULL; + } ret->get_issuer = 0; ret->check_issued = 0; -- 2.20.1