|
 |
e3ffab |
From 39b02dae37106eba8e3204048ca5dc3c9040c11f Mon Sep 17 00:00:00 2001
|
|
|
e3ffab |
From: Jan Cholasta <jcholast@redhat.com>
|
|
|
e3ffab |
Date: Wed, 5 Nov 2014 08:59:57 +0000
|
|
|
e3ffab |
Subject: [PATCH] Fix various bugs in ipap11helper
|
|
|
e3ffab |
|
|
|
e3ffab |
Fixes a memory leak, a library handle leak and a double free.
|
|
|
e3ffab |
|
|
|
e3ffab |
Also remove some redundant NULL checks before free to prevent false positives
|
|
|
e3ffab |
in static code analysis.
|
|
|
e3ffab |
|
|
|
e3ffab |
https://fedorahosted.org/freeipa/ticket/4651
|
|
|
e3ffab |
|
|
|
e3ffab |
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
|
|
|
e3ffab |
---
|
|
|
e3ffab |
ipapython/ipap11helper/p11helper.c | 25 ++++++++++---------------
|
|
|
e3ffab |
1 file changed, 10 insertions(+), 15 deletions(-)
|
|
|
e3ffab |
|
|
|
e3ffab |
diff --git a/ipapython/ipap11helper/p11helper.c b/ipapython/ipap11helper/p11helper.c
|
|
|
e3ffab |
index df5302a7f867a38596d8fbb3001a8796659fb706..038c26c4520cc8f71edbee15b0ccd9bf292d7588 100644
|
|
|
e3ffab |
--- a/ipapython/ipap11helper/p11helper.c
|
|
|
e3ffab |
+++ b/ipapython/ipap11helper/p11helper.c
|
|
|
e3ffab |
@@ -334,8 +334,7 @@ int _find_key(P11_Helper* self, CK_ATTRIBUTE_PTR template,
|
|
|
e3ffab |
if (tmp_objects_ptr == NULL) {
|
|
|
e3ffab |
*objects_count = 0;
|
|
|
e3ffab |
PyErr_SetString(ipap11helperError, "_find_key realloc failed");
|
|
|
e3ffab |
- if (result_objects != NULL)
|
|
|
e3ffab |
- free(result_objects);
|
|
|
e3ffab |
+ free(result_objects);
|
|
|
e3ffab |
return 0;
|
|
|
e3ffab |
} else {
|
|
|
e3ffab |
result_objects = tmp_objects_ptr;
|
|
|
e3ffab |
@@ -346,16 +345,14 @@ int _find_key(P11_Helper* self, CK_ATTRIBUTE_PTR template,
|
|
|
e3ffab |
rv = self->p11->C_FindObjects(self->session, &result_object, 1,
|
|
|
e3ffab |
&objectCount);
|
|
|
e3ffab |
if (!check_return_value(rv, "Check for duplicated key")) {
|
|
|
e3ffab |
- if (result_objects != NULL)
|
|
|
e3ffab |
- free(result_objects);
|
|
|
e3ffab |
+ free(result_objects);
|
|
|
e3ffab |
return 0;
|
|
|
e3ffab |
}
|
|
|
e3ffab |
}
|
|
|
e3ffab |
|
|
|
e3ffab |
rv = self->p11->C_FindObjectsFinal(self->session);
|
|
|
e3ffab |
if (!check_return_value(rv, "Find objects final")) {
|
|
|
e3ffab |
- if (result_objects != NULL)
|
|
|
e3ffab |
- free(result_objects);
|
|
|
e3ffab |
+ free(result_objects);
|
|
|
e3ffab |
return 0;
|
|
|
e3ffab |
}
|
|
|
e3ffab |
|
|
|
e3ffab |
@@ -499,6 +496,8 @@ static int P11_Helper_init(P11_Helper *self, PyObject *args, PyObject *kwds) {
|
|
|
e3ffab |
CK_C_GetFunctionList pGetFunctionList = loadLibrary(library_path,
|
|
|
e3ffab |
&module_handle);
|
|
|
e3ffab |
if (!pGetFunctionList) {
|
|
|
e3ffab |
+ if (module_handle != NULL)
|
|
|
e3ffab |
+ unloadLibrary(module_handle);
|
|
|
e3ffab |
PyErr_SetString(ipap11helperError, "Could not load the library.");
|
|
|
e3ffab |
return -1;
|
|
|
e3ffab |
}
|
|
|
e3ffab |
@@ -933,9 +932,7 @@ P11_Helper_find_keys(P11_Helper* self, PyObject *args, PyObject *kwds) {
|
|
|
e3ffab |
if (result_list == NULL) {
|
|
|
e3ffab |
PyErr_SetString(ipap11helperError,
|
|
|
e3ffab |
"Unable to create list with results");
|
|
|
e3ffab |
- if (objects != NULL) {
|
|
|
e3ffab |
- free(objects);
|
|
|
e3ffab |
- }
|
|
|
e3ffab |
+ free(objects);
|
|
|
e3ffab |
return NULL;
|
|
|
e3ffab |
}
|
|
|
e3ffab |
Py_INCREF(result_list);
|
|
|
e3ffab |
@@ -944,13 +941,12 @@ P11_Helper_find_keys(P11_Helper* self, PyObject *args, PyObject *kwds) {
|
|
|
e3ffab |
== -1) {
|
|
|
e3ffab |
PyErr_SetString(ipap11helperError,
|
|
|
e3ffab |
"Unable to add to value to result list");
|
|
|
e3ffab |
- if (objects != NULL) {
|
|
|
e3ffab |
- free(objects);
|
|
|
e3ffab |
- }
|
|
|
e3ffab |
+ free(objects);
|
|
|
e3ffab |
return NULL;
|
|
|
e3ffab |
}
|
|
|
e3ffab |
}
|
|
|
e3ffab |
|
|
|
e3ffab |
+ free(objects);
|
|
|
e3ffab |
return result_list;
|
|
|
e3ffab |
}
|
|
|
e3ffab |
|
|
|
e3ffab |
@@ -1193,7 +1189,6 @@ P11_Helper_import_RSA_public_key(P11_Helper* self, CK_UTF8CHAR *label,
|
|
|
e3ffab |
if (rsa == NULL) {
|
|
|
e3ffab |
PyErr_SetString(ipap11helperError,
|
|
|
e3ffab |
"import_RSA_public_key: EVP_PKEY_get1_RSA error");
|
|
|
e3ffab |
- free(pkey);
|
|
|
e3ffab |
return NULL;
|
|
|
e3ffab |
}
|
|
|
e3ffab |
|
|
|
e3ffab |
@@ -1379,8 +1374,8 @@ P11_Helper_export_wrapped_key(P11_Helper* self, PyObject *args, PyObject *kwds)
|
|
|
e3ffab |
wrapped_key = malloc(wrapped_key_len);
|
|
|
e3ffab |
if (wrapped_key == NULL) {
|
|
|
e3ffab |
rv = CKR_HOST_MEMORY;
|
|
|
e3ffab |
- check_return_value(rv, "key wrapping: buffer allocation");
|
|
|
e3ffab |
- return 0;
|
|
|
e3ffab |
+ if (!check_return_value(rv, "key wrapping: buffer allocation"))
|
|
|
e3ffab |
+ return 0;
|
|
|
e3ffab |
}
|
|
|
e3ffab |
rv = self->p11->C_WrapKey(self->session, &wrapping_mech,
|
|
|
e3ffab |
object_wrapping_key, object_key, wrapped_key, &wrapped_key_len);
|
|
|
e3ffab |
--
|
|
|
e3ffab |
2.1.0
|
|
|
e3ffab |
|