Skip to content
Permalink
Browse files

Check output of mpz_set_str and fix leak on error condition

Also add static identifier as upstream did
  • Loading branch information
est31 committed Jul 24, 2015
1 parent aab7c83 commit 5bde7798e9c90904c0d38c75da1f2ce2d62922af
Showing with 21 additions and 14 deletions.
  1. +2 −2 src/util/sha256.c
  2. +19 −12 src/util/srp.cpp
@@ -15,8 +15,8 @@
const char SHA256_version[] = "SHA-256" OPENSSL_VERSION_PTEXT;

/* mem_clr.c */
unsigned char cleanse_ctr = 0;
void OPENSSL_cleanse(void *ptr, size_t len)
unsigned static char cleanse_ctr = 0;
static void OPENSSL_cleanse(void *ptr, size_t len)
{
unsigned char *p = ptr;
size_t loop = len, ctr = cleanse_ctr;
@@ -166,6 +166,15 @@ static struct NGHex global_Ng_constants[] = {
};


static void delete_ng(NGConstant *ng)
{
if (ng) {
mpz_clear(ng->N);
mpz_clear(ng->g);
free(ng);
}
}

static NGConstant *new_ng( SRP_NGType ng_type, const char *n_hex, const char *g_hex )
{
NGConstant *ng = (NGConstant *) malloc(sizeof(NGConstant));
@@ -180,21 +189,17 @@ static NGConstant *new_ng( SRP_NGType ng_type, const char *n_hex, const char *g_
g_hex = global_Ng_constants[ ng_type ].g_hex;
}

mpz_set_str(ng->N, n_hex, 16);
mpz_set_str(ng->g, g_hex, 16);

return ng;
}
int rv = 0;
rv = mpz_set_str(ng->N, n_hex, 16);
rv = rv | mpz_set_str(ng->g, g_hex, 16);

static void delete_ng( NGConstant *ng )
{
if (ng) {
mpz_clear(ng->N);
mpz_clear(ng->g);
free(ng);
if (rv) {
delete_ng(ng);
return 0;
}
}

return ng;
}


typedef union
@@ -849,6 +854,8 @@ struct SRPUser *srp_user_new(SRP_HashAlgorithm alg, SRP_NGType ng_type,
mpz_clear(usr->a);
mpz_clear(usr->A);
mpz_clear(usr->S);
if (usr->ng)
delete_ng(usr->ng);
if (usr->username)
free(usr->username);
if (usr->username_verifier)

0 comments on commit 5bde779

Please sign in to comment.
You can’t perform that action at this time.