Fixing EVP_CIPHER_CTX leak in aes.cpp

zorggomat · Sep 9, 2021 · fe87ec8 · fe87ec8
1 parent 36b926c
commit fe87ec8
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 12 deletions.
diff --git a/core/aes.cpp b/core/aes.cpp
@@ -2,6 +2,12 @@
 
 AES::AES()
 {
+    ctx = EVP_CIPHER_CTX_new();
+}
+
+AES::~AES()
+{
+    EVP_CIPHER_CTX_free(ctx);
 }
 
 void AES::setMode(Mode mode)
@@ -34,12 +40,12 @@ void AES::setPassword(QString password)
 void AES::run()
 {
     if(end - pos >= 16 * 1024 * 1024) emit started();
-    mode == Encrypt ? encryptFilePart(device, pos, end, &key) :
-                      decryptFilePart(device, pos, end, &key) ;
+    mode == Encrypt ? encryptFilePart(device, pos, end, &key, ctx) :
+                      decryptFilePart(device, pos, end, &key, ctx) ;
     emit finished();
 }
 
-bool AES::encryptFilePart(QIODevice *file, qint64 pos, qint64 end, const QByteArray *password)
+bool AES::encryptFilePart(QIODevice *file, qint64 pos, qint64 end, const QByteArray *password, EVP_CIPHER_CTX *ctx)
 {
     unsigned char key[512];
     unsigned char iv[16];
@@ -54,7 +60,6 @@ bool AES::encryptFilePart(QIODevice *file, qint64 pos, qint64 end, const QByteAr
     qint64 additional = size % bufferSize;
     emit setMaximumValue(parts);
 
-    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
     if(!ctx) return false;
     if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_xts(), NULL, key, NULL)) return false;
 
@@ -77,12 +82,11 @@ bool AES::encryptFilePart(QIODevice *file, qint64 pos, qint64 end, const QByteAr
     file->seek(pos + parts * bufferSize);
     file->write((char*)outBuffer, additional);
 
-    EVP_CIPHER_CTX_free(ctx);
     emit finished();
     return true;
 }
 
-bool AES::decryptFilePart(QIODevice *file, qint64 pos, qint64 end, const QByteArray *password)
+bool AES::decryptFilePart(QIODevice *file, qint64 pos, qint64 end, const QByteArray *password, EVP_CIPHER_CTX *ctx)
 {
     unsigned char key[512];
     unsigned char iv[16];
@@ -97,7 +101,6 @@ bool AES::decryptFilePart(QIODevice *file, qint64 pos, qint64 end, const QByteAr
     qint64 additional = size % bufferSize;
     emit setMaximumValue(parts);
 
-    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
     if(!ctx) return false;
     if(!EVP_DecryptInit_ex(ctx, EVP_aes_256_xts(), NULL, key, NULL)) return false;
 
@@ -121,7 +124,6 @@ bool AES::decryptFilePart(QIODevice *file, qint64 pos, qint64 end, const QByteAr
     file->seek(pos + parts * bufferSize);
     file->write((char*)outBuffer, len);
 
-    EVP_CIPHER_CTX_free(ctx);
     emit finished();
     return true;
 }
diff --git a/core/aes.h b/core/aes.h
@@ -25,10 +25,12 @@ class AES : public QObject, public QRunnable
     QIODevice *device;
     qint64 pos, end;
     QByteArray key;
-    bool encryptFilePart(QIODevice *file, qint64 pos, qint64 end, const QByteArray *password);
-    bool decryptFilePart(QIODevice *file, qint64 pos, qint64 end, const QByteArray *password);
+    EVP_CIPHER_CTX *ctx;
+    bool encryptFilePart(QIODevice *file, qint64 pos, qint64 end, const QByteArray *password, EVP_CIPHER_CTX *ctx);
+    bool decryptFilePart(QIODevice *file, qint64 pos, qint64 end, const QByteArray *password, EVP_CIPHER_CTX *ctx);
 public:
     AES();
+    ~AES();
     void run();
     void setMode(Mode mode);
     void setIODevice(QIODevice *iodevice);

diff --git a/core/fractalcryptcore.cpp b/core/fractalcryptcore.cpp
@@ -28,6 +28,7 @@ FractalCryptCore::~FractalCryptCore()
 {
     delete progressDialog;
     delete noizeCreator;
+    delete aes;
 }
 
 FractalCryptCore& FractalCryptCore::Instance()

diff --git a/core/noizecreator.hpp b/core/noizecreator.hpp
@@ -33,8 +33,6 @@ class NoizeCreator : public QObject, public QRunnable
         emit setMaximumValue(parts);
         for(int i = 0; i < parts; ++i)
         {
-            for(int j = 0; j < 4096; ++j)
-                buffer[j] = (char)random.generate();
             device->write(buffer, 4096);
             emit updateValue(i);
         }