Skip to content

Commit

Permalink
Fix potential memory leak for SHA2_sha512_inc
Browse files Browse the repository at this point in the history
Signed-off-by: Songling Han <[email protected]>
  • Loading branch information
songlingatpan committed Sep 22, 2024
1 parent c6ace19 commit 3fa49f1
Showing 1 changed file with 109 additions and 48 deletions.
157 changes: 109 additions & 48 deletions src/common/sha2/sha2_ossl.c
Original file line number Diff line number Diff line change
Expand Up @@ -86,98 +86,159 @@ static void SHA2_sha256_inc_init(OQS_SHA2_sha256_ctx *state) {
state->ctx = mdctx;
}
static void SHA2_sha256_inc(OQS_SHA2_sha256_ctx *state, const uint8_t *in, size_t len) {
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestUpdate)((EVP_MD_CTX *) state->ctx, in, len));
if (state && state->ctx) {
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestUpdate)((EVP_MD_CTX *) state->ctx, in, len));
}
}

static void SHA2_sha256_inc_blocks(OQS_SHA2_sha256_ctx *state, const uint8_t *in, size_t inblocks) {
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestUpdate)((EVP_MD_CTX *) state->ctx, in, inblocks * SHA2_BLOCK_SIZE));
if (state && state->ctx) {
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestUpdate)((EVP_MD_CTX *) state->ctx, in, inblocks * SHA2_BLOCK_SIZE));
}
}

static void SHA2_sha256_inc_finalize(uint8_t *out, OQS_SHA2_sha256_ctx *state, const uint8_t *in, size_t inlen) {
unsigned int md_len;
if (inlen > 0) {
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestUpdate)((EVP_MD_CTX *) state->ctx, in, inlen));
if (state && state->ctx && out) {
unsigned int md_len;
if (inlen > 0 && in) {
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestUpdate)((EVP_MD_CTX *) state->ctx, in, inlen));
}
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestFinal_ex)((EVP_MD_CTX *) state->ctx, out, &md_len));
OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx);
state->ctx = NULL;
}
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestFinal_ex)((EVP_MD_CTX *) state->ctx, out, &md_len));
OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx);
}

static void SHA2_sha256_inc_ctx_release(OQS_SHA2_sha256_ctx *state) {
OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx);
state->ctx = NULL;
if (state && state->ctx) {
OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx);
state->ctx = NULL;
}
}

static void SHA2_sha256_inc_ctx_clone(OQS_SHA2_sha256_ctx *dest, const OQS_SHA2_sha256_ctx *src) {
SHA2_sha256_inc_init(dest);
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_MD_CTX_copy_ex)((EVP_MD_CTX *) dest->ctx, (EVP_MD_CTX *) src->ctx));
if (dest && src && src->ctx) {
SHA2_sha256_inc_init(dest);
if (dest->ctx) {
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_MD_CTX_copy_ex)((EVP_MD_CTX *) dest->ctx, (EVP_MD_CTX *) src->ctx));
}
}
}

static void SHA2_sha384_inc_init(OQS_SHA2_sha384_ctx *state) {
EVP_MD_CTX *mdctx;
const EVP_MD *md = NULL;
md = oqs_sha384();
OQS_EXIT_IF_NULLPTR(md, "OpenSSL");
mdctx = OSSL_FUNC(EVP_MD_CTX_new)();
OQS_EXIT_IF_NULLPTR(mdctx, "OpenSSL");
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestInit_ex)(mdctx, md, NULL));
state->ctx = mdctx;
if (state == NULL) {
return;
}
EVP_MD_CTX *mdctx;
const EVP_MD *md = NULL;
md = oqs_sha384();
if (md == NULL) {
OQS_EXIT_IF_NULLPTR(md, "OpenSSL");
return;
}
mdctx = OSSL_FUNC(EVP_MD_CTX_new)();
if (mdctx == NULL) {
OQS_EXIT_IF_NULLPTR(mdctx, "OpenSSL");
return;
}
if (OSSL_FUNC(EVP_DigestInit_ex)(mdctx, md, NULL) != 1) {
OSSL_FUNC(EVP_MD_CTX_free)(mdctx);
OQS_EXIT_IF_NULLPTR(NULL, "OpenSSL digest initialization failed");
return;
}
state->ctx = mdctx;
}

static void SHA2_sha384_inc_blocks(OQS_SHA2_sha384_ctx *state, const uint8_t *in, size_t inblocks) {
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestUpdate)((EVP_MD_CTX *) state->ctx, in, inblocks * SHA2_BLOCK_SIZE));
if (state && state->ctx && in) {
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestUpdate)((EVP_MD_CTX *) state->ctx, in, inblocks * SHA2_BLOCK_SIZE));
}
}

static void SHA2_sha384_inc_finalize(uint8_t *out, OQS_SHA2_sha384_ctx *state, const uint8_t *in, size_t inlen) {
unsigned int md_len;
if (inlen > 0) {
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestUpdate)((EVP_MD_CTX *) state->ctx, in, inlen));
}
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestFinal_ex)((EVP_MD_CTX *) state->ctx, out, &md_len));
OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx);
if (state && state->ctx && out) {
unsigned int md_len;
if (inlen > 0 && in) {
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestUpdate)((EVP_MD_CTX *) state->ctx, in, inlen));
}
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestFinal_ex)((EVP_MD_CTX *) state->ctx, out, &md_len));
OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx);
state->ctx = NULL;
}
}

static void SHA2_sha384_inc_ctx_release(OQS_SHA2_sha384_ctx *state) {
OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx);
state->ctx = NULL;
if (state && state->ctx) {
OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx);
state->ctx = NULL;
}
}

static void SHA2_sha384_inc_ctx_clone(OQS_SHA2_sha384_ctx *dest, const OQS_SHA2_sha384_ctx *src) {
SHA2_sha384_inc_init(dest);
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_MD_CTX_copy_ex)((EVP_MD_CTX *) dest->ctx, (EVP_MD_CTX *) src->ctx));
if (dest && src && src->ctx) {
SHA2_sha384_inc_init(dest);
if (dest->ctx) {
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_MD_CTX_copy_ex)((EVP_MD_CTX *) dest->ctx, (EVP_MD_CTX *) src->ctx));
}
}
}

static void SHA2_sha512_inc_init(OQS_SHA2_sha512_ctx *state) {
EVP_MD_CTX *mdctx;
const EVP_MD *md = NULL;
md = oqs_sha512();
OQS_EXIT_IF_NULLPTR(md, "OpenSSL");
mdctx = OSSL_FUNC(EVP_MD_CTX_new)();
OQS_EXIT_IF_NULLPTR(mdctx, "OpenSSL");
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestInit_ex)(mdctx, md, NULL));
state->ctx = mdctx;
if (state == NULL) {
return;
}
EVP_MD_CTX *mdctx;
const EVP_MD *md = NULL;
md = oqs_sha512();
if (md == NULL) {
OQS_EXIT_IF_NULLPTR(md, "OpenSSL");
return;
}
mdctx = OSSL_FUNC(EVP_MD_CTX_new)();
if (mdctx == NULL) {
OQS_EXIT_IF_NULLPTR(mdctx, "OpenSSL");
return;
}
if (OSSL_FUNC(EVP_DigestInit_ex)(mdctx, md, NULL) != 1) {
OSSL_FUNC(EVP_MD_CTX_free)(mdctx);
OQS_EXIT_IF_NULLPTR(NULL, "OpenSSL digest initialization failed");
return;
}
state->ctx = mdctx;
}

static void SHA2_sha512_inc_blocks(OQS_SHA2_sha512_ctx *state, const uint8_t *in, size_t inblocks) {
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestUpdate)((EVP_MD_CTX *) state->ctx, in, inblocks * 2 * SHA2_BLOCK_SIZE));
if (state && state->ctx && in) {
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestUpdate)((EVP_MD_CTX *) state->ctx, in, inblocks * 2 * SHA2_BLOCK_SIZE));
}
}

static void SHA2_sha512_inc_finalize(uint8_t *out, OQS_SHA2_sha512_ctx *state, const uint8_t *in, size_t inlen) {
unsigned int md_len;
if (inlen > 0) {
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestUpdate)((EVP_MD_CTX *) state->ctx, in, inlen));
if (state && state->ctx && out) {
unsigned int md_len;
if (in && inlen > 0) {
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestUpdate)((EVP_MD_CTX *) state->ctx, in, inlen));
}
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestFinal_ex)((EVP_MD_CTX *) state->ctx, out, &md_len));
OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx);
state->ctx = NULL;
}
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestFinal_ex)((EVP_MD_CTX *) state->ctx, out, &md_len));
OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx);
}

static void SHA2_sha512_inc_ctx_release(OQS_SHA2_sha512_ctx *state) {
OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx);
state->ctx = NULL;
if (state && state->ctx) {
OSSL_FUNC(EVP_MD_CTX_free)((EVP_MD_CTX *) state->ctx);
state->ctx = NULL;
}
}

static void SHA2_sha512_inc_ctx_clone(OQS_SHA2_sha512_ctx *dest, const OQS_SHA2_sha512_ctx *src) {
SHA2_sha512_inc_init(dest);
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_MD_CTX_copy_ex)((EVP_MD_CTX *) dest->ctx, (EVP_MD_CTX *) src->ctx));
if (dest && src && src->ctx) {
SHA2_sha512_inc_init(dest);
if (dest->ctx) {
OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_MD_CTX_copy_ex)((EVP_MD_CTX *) dest->ctx, (EVP_MD_CTX *) src->ctx));
}
}
}

struct OQS_SHA2_callbacks sha2_default_callbacks = {
Expand Down

0 comments on commit 3fa49f1

Please sign in to comment.