New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix memory leak in ASN.1 #931

Closed
wants to merge 2 commits into
from
Jump to file or symbol
Failed to load files and symbols.
+115 −4
Diff settings

Always

Just for now

Next

Fix memory leak in ASN.1

Affects 1.1.0 dev branch only; introduced around commit
f93ad22

Found with LibFuzzer
  • Loading branch information...
ekasper committed Mar 30, 2016
commit dd5ac557f052cc2b7f718ac44a8cb7ac6f77dca8
View
@@ -617,6 +617,8 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
ERR_R_NESTED_ASN1_ERROR);
/* |skfield| may be partially allocated despite failure. */
ASN1_item_free(skfield, ASN1_ITEM_ptr(tt->item));
goto err;
}
len -= p - q;
View
@@ -84,6 +84,7 @@ DTLSV1LISTENTEST = dtlsv1listentest
CTTEST= ct_test
THREADSTEST= threadstest
AFALGTEST= afalgtest
D2ITEST = d2i_test
TESTS= alltests
@@ -106,7 +107,7 @@ EXE= $(NPTEST)$(EXE_EXT) $(MEMLEAKTEST)$(EXE_EXT) \
$(CONSTTIMETEST)$(EXE_EXT) $(VERIFYEXTRATEST)$(EXE_EXT) \
$(CLIENTHELLOTEST)$(EXE_EXT) $(PACKETTEST)$(EXE_EXT) $(ASYNCTEST)$(EXE_EXT) \
$(DTLSV1LISTENTEST)$(EXE_EXT) $(CTTEST)$(EXE_EXT) $(THREADSTEST)$(EXE_EXT) \
$(AFALGTEST)$(EXE_EXT)
$(AFALGTEST)$(EXE_EXT) $(D2ITEST)$(EXE_EXT)
# $(METHTEST)$(EXE_EXT)
@@ -124,7 +125,7 @@ OBJ= $(NPTEST).o $(MEMLEAKTEST).o \
$(HEARTBEATTEST).o $(P5_CRPT2_TEST).o \
$(CONSTTIMETEST).o $(VERIFYEXTRATEST).o $(CLIENTHELLOTEST).o \
$(PACKETTEST).o $(ASYNCTEST).o $(DTLSV1LISTENTEST).o $(CTTEST).o \
$(THREADSTEST).o testutil.o $(AFALGTEST).o
$(THREADSTEST).o testutil.o $(AFALGTEST).o $(D2ITEST).o
SRC= $(NPTEST).c $(MEMLEAKTEST).c \
$(BNTEST).c $(ECTEST).c \
@@ -139,7 +140,7 @@ SRC= $(NPTEST).c $(MEMLEAKTEST).c \
$(HEARTBEATTEST).c $(P5_CRPT2_TEST).c \
$(CONSTTIMETEST).c $(VERIFYEXTRATEST).c $(CLIENTHELLOTEST).c \
$(PACKETTEST).c $(ASYNCTEST).c $(DTLSV1LISTENTEST).c $(CTTEST).c \
$(THREADSTEST).c testutil.c $(AFALGTEST).c
$(THREADSTEST).c testutil.c $(AFALGTEST).c $(D2ITEST).c
HEADER= testutil.h
@@ -385,4 +386,7 @@ dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
$(AFALGTEST)$(EXE_EXT): $(AFALGTEST).o $(DLIBCRYPTO)
@target=$(AFALGTEST); $(BUILD_CMD)
$(D2ITEST)$(EXE_EXT): $(D2ITEST).o $(DLIBCRYPTO) testutil.o
@target=$(D2ITEST) testutil=testutil.o; $(BUILD_CMD)
# DO NOT DELETE THIS LINE -- make depend depends on it.
View
@@ -14,7 +14,7 @@ PROGRAMS=\
danetest heartbeat_test p5_crpt2_test \
constant_time_test verify_extra_test clienthellotest \
packettest asynctest secmemtest srptest memleaktest \
dtlsv1listentest ct_test threadstest afalgtest
dtlsv1listentest ct_test threadstest afalgtest d2i_test
SOURCE[aborttest]=aborttest.c
INCLUDE[aborttest]={- rel2abs(catdir($builddir,"../include")) -} ../include
@@ -220,4 +220,8 @@ SOURCE[afalgtest]=afalgtest.c
INCLUDE[afalgtest]={- rel2abs(catdir($builddir,"../include")) -} .. ../include
DEPEND[afalgtest]=../libcrypto
SOURCE[d2i_test]=d2i_test.c testutil.c
INCLUDE[d2i_test]={- rel2abs(catdir($builddir,"../include")) -} .. ../include
DEPEND[d2i_test]=../libcrypto
INCLUDE[testutil.o]=..
View
Binary file not shown.
View
@@ -0,0 +1,87 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL licenses, (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* https://www.openssl.org/source/license.html
* or in the file LICENSE in the source distribution.
*/
/* Regression tests for ASN.1 parsing bugs. */
#include <stdio.h>
#include "testutil.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/x509.h>
static const char *test_file;
typedef struct d2i_test_fixture {
const char *test_case_name;
} D2I_TEST_FIXTURE;
static D2I_TEST_FIXTURE set_up(const char *const test_case_name)
{
D2I_TEST_FIXTURE fixture;
fixture.test_case_name = test_case_name;
return fixture;
}
static int execute_test(D2I_TEST_FIXTURE fixture)
{
BIO *bio = NULL;
X509 *x509 = NULL;
int ret = 1;
if ((bio = BIO_new_file(test_file, "r")) == NULL)
return 1;
x509 = d2i_X509_bio(bio, NULL);
if (x509 != NULL)
goto err;
ret = 0;
err:
BIO_free(bio);
X509_free(x509);
return ret;
}
static void tear_down(D2I_TEST_FIXTURE fixture)
{
ERR_print_errors_fp(stderr);
}
#define SETUP_D2I_TEST_FIXTURE() \
SETUP_TEST_FIXTURE(D2I_TEST_FIXTURE, set_up)
#define EXECUTE_D2I_TEST() \
EXECUTE_TEST(execute_test, tear_down)
static int test_bad_certificate()
{
SETUP_D2I_TEST_FIXTURE();
EXECUTE_D2I_TEST();
}
int main(int argc, char **argv)
{
int result = 0;
if (argc != 2)
return 1;
test_file = argv[1];
ADD_TEST(test_bad_certificate);
result = run_tests(argv[0]);
return result;
}
View
@@ -0,0 +1,14 @@
#! /usr/bin/perl
use strict;
use warnings;
use File::Spec;
use OpenSSL::Test qw/:DEFAULT srctop_file/;
setup("test_d2i");
plan tests => 1;
ok(run(test(["d2i_test", srctop_file('test','d2i-tests','bad_cert.der')])),
"Running d2i_test bad_cert.der");