Skip to content

Commit

Permalink
fixed memory leaks
Browse files Browse the repository at this point in the history
  • Loading branch information
feventura committed Jan 15, 2024
1 parent 659e826 commit f2264d9
Show file tree
Hide file tree
Showing 3 changed files with 30 additions and 37 deletions.
34 changes: 13 additions & 21 deletions oqsprov/oqs_encode_key2any.c
Original file line number Diff line number Diff line change
Expand Up @@ -713,16 +713,15 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder)
aString[i] = ASN1_OCTET_STRING_new();
tempOct[i] = ASN1_OCTET_STRING_new();
temp[i] = NULL;
buflen = 0;

if ((name = get_cmpname(OBJ_sn2nid(oqsxkey->tls_name), i))
== NULL) {
OPENSSL_free(name);
for (i = 0; i < oqsxkey->numkeys; i++) {
OPENSSL_free(temp[i]);
OPENSSL_free(cbuf[i]);
OPENSSL_free(aType[i]);
OPENSSL_free(aString[i]);
OPENSSL_free(tempOct[i]);
ASN1_OCTET_STRING_free(aString[i]);
ASN1_OCTET_STRING_free(tempOct[i]);
ASN1_TYPE_free(aType[i]);
}
OPENSSL_free(sk);
return -1;
Expand All @@ -740,11 +739,9 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder)
if (buflen > oqsxkey->privkeylen_cmp[i]) {
OPENSSL_free(name);
for (i = 0; i < oqsxkey->numkeys; i++) {
OPENSSL_free(temp[i]);
OPENSSL_free(cbuf[i]);
OPENSSL_free(aType[i]);
OPENSSL_free(aString[i]);
OPENSSL_free(tempOct[i]);
ASN1_OCTET_STRING_free(aString[i]);
ASN1_OCTET_STRING_free(tempOct[i]);
ASN1_TYPE_free(aType[i]);
}
OPENSSL_free(sk);
ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING);
Expand All @@ -756,7 +753,6 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder)
buflen = oqsxkey->privkeylen_cmp[i] + oqsxkey->pubkeylen_cmp[i];

cbuf[i] = OPENSSL_malloc(buflen);
memcpy(cbuf[i], oqsxkey->comp_privkey[i], buflen);
if (get_oqsname_fromtls(name)
!= 0) { // include pubkey in privkey for PQC
memcpy(cbuf[i], oqsxkey->comp_privkey[i],
Expand All @@ -773,11 +769,9 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder)

if (!sk_ASN1_TYPE_push(sk, aType[i])) {
for (i = 0; i < oqsxkey->numkeys; i++) {
OPENSSL_free(temp[i]);
OPENSSL_free(cbuf[i]);
OPENSSL_free(aType[i]);
OPENSSL_free(aString[i]);
OPENSSL_free(tempOct[i]);
ASN1_OCTET_STRING_free(aString[i]);
ASN1_OCTET_STRING_free(tempOct[i]);
ASN1_TYPE_free(aType[i]);
}
OPENSSL_free(sk);
OPENSSL_free(name);
Expand All @@ -788,11 +782,9 @@ static int oqsx_pki_priv_to_der(const void *vxkey, unsigned char **pder)
keybloblen = i2d_ASN1_SEQUENCE_ANY(sk, pder);

for (i = 0; i < oqsxkey->numkeys; i++) {
OPENSSL_free(temp[i]);
OPENSSL_free(cbuf[i]);
OPENSSL_free(aType[i]);
OPENSSL_free(aString[i]);
OPENSSL_free(tempOct[i]);
ASN1_OCTET_STRING_free(aString[i]);
ASN1_OCTET_STRING_free(tempOct[i]);
ASN1_TYPE_free(aType[i]);
}

OPENSSL_free(sk);
Expand Down
14 changes: 6 additions & 8 deletions oqsprov/oqs_sig.c
Original file line number Diff line number Diff line change
Expand Up @@ -471,11 +471,11 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen,
<= 0)) {
ERR_raise(ERR_LIB_USER, ERR_R_FATAL);
OPENSSL_free(name);
OPENSSL_free(evp_ctx);
EVP_MD_CTX_free(evp_ctx);
OPENSSL_free(buf);
goto endsign;
}
OPENSSL_free(evp_ctx);
EVP_MD_CTX_free(evp_ctx);
} else {
if ((classical_ctx_sign
= EVP_PKEY_CTX_new(oqs_key_classic, NULL))
Expand Down Expand Up @@ -591,9 +591,7 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen,
}
oqs_sig_len = i2d_CompositeSignature(compsig, &sig);

OPENSSL_free(compsig->sig1->data);
OPENSSL_free(compsig->sig2->data);
OPENSSL_free(compsig);
CompositeSignature_free(compsig);
OPENSSL_free(final_tbs);
} else if (OQS_SIG_sign(oqs_key, sig + index, &oqs_sig_len, tbs, tbslen,
oqsxkey->comp_privkey[oqsxkey->numkeys - 1])
Expand Down Expand Up @@ -809,10 +807,10 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig,
<= 0)) {
ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR);
OPENSSL_free(name);
OPENSSL_free(evp_ctx);
EVP_MD_CTX_free(evp_ctx);
goto endverify;
}
OPENSSL_free(evp_ctx);
EVP_MD_CTX_free(evp_ctx);
} else {
if (((ctx_verify
= EVP_PKEY_CTX_new(oqsxkey->classical_pkey, NULL))
Expand Down Expand Up @@ -893,7 +891,7 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig,

OPENSSL_free(name);
}
OPENSSL_free(compsig);
CompositeSignature_free(compsig);
OPENSSL_free(final_tbs);
} else {
if (!oqsxkey->comp_pubkey[oqsxkey->numkeys - 1]) {
Expand Down
19 changes: 11 additions & 8 deletions oqsprov/oqsprov_keys.c
Original file line number Diff line number Diff line change
Expand Up @@ -1387,29 +1387,32 @@ void oqsx_key_free(OQSX_KEY *key)
#endif

OPENSSL_free(key->propq);
OPENSSL_free(key->tls_name);
OPENSSL_secure_clear_free(key->privkey, key->privkeylen);
OPENSSL_secure_clear_free(key->pubkey, key->pubkeylen);
OPENSSL_free(key->comp_pubkey);
OPENSSL_free(key->comp_privkey);
if (key->keytype == KEY_TYPE_CMP_SIG) {
OPENSSL_free(key->privkeylen_cmp);
OPENSSL_free(key->pubkeylen_cmp);
}
if (key->keytype == KEY_TYPE_KEM)
OQS_KEM_free(key->oqsx_provider_ctx.oqsx_qs_ctx.kem);
else if (key->keytype == KEY_TYPE_ECP_HYB_KEM
|| key->keytype == KEY_TYPE_ECX_HYB_KEM) {
OQS_KEM_free(key->oqsx_provider_ctx.oqsx_qs_ctx.kem);
} else {
} else
OQS_SIG_free(key->oqsx_provider_ctx.oqsx_qs_ctx.sig);
if (key->oqsx_provider_ctx.oqsx_evp_ctx) {
EVP_PKEY_CTX_free(key->oqsx_provider_ctx.oqsx_evp_ctx->ctx);
EVP_PKEY_free(key->oqsx_provider_ctx.oqsx_evp_ctx->keyParam);
OPENSSL_free(key->oqsx_provider_ctx.oqsx_evp_ctx);
}
EVP_PKEY_free(key->classical_pkey);
if (key->oqsx_provider_ctx.oqsx_evp_ctx) {
EVP_PKEY_CTX_free(key->oqsx_provider_ctx.oqsx_evp_ctx->ctx);
EVP_PKEY_free(key->oqsx_provider_ctx.oqsx_evp_ctx->keyParam);
OPENSSL_free(key->oqsx_provider_ctx.oqsx_evp_ctx);
}
OPENSSL_free(key->tls_name);

#ifdef OQS_PROVIDER_NOATOMIC
CRYPTO_THREAD_lock_free(key->lock);
#endif
OPENSSL_free(key->classical_pkey);
OPENSSL_free(key);
}

Expand Down

0 comments on commit f2264d9

Please sign in to comment.