From 39b02dae37106eba8e3204048ca5dc3c9040c11f Mon Sep 17 00:00:00 2001 From: Jan Cholasta Date: Wed, 5 Nov 2014 08:59:57 +0000 Subject: [PATCH] Fix various bugs in ipap11helper Fixes a memory leak, a library handle leak and a double free. Also remove some redundant NULL checks before free to prevent false positives in static code analysis. https://fedorahosted.org/freeipa/ticket/4651 Reviewed-By: Alexander Bokovoy --- ipapython/ipap11helper/p11helper.c | 25 ++++++++++--------------- 1 file changed, 10 insertions(+), 15 deletions(-) diff --git a/ipapython/ipap11helper/p11helper.c b/ipapython/ipap11helper/p11helper.c index df5302a7f867a38596d8fbb3001a8796659fb706..038c26c4520cc8f71edbee15b0ccd9bf292d7588 100644 --- a/ipapython/ipap11helper/p11helper.c +++ b/ipapython/ipap11helper/p11helper.c @@ -334,8 +334,7 @@ int _find_key(P11_Helper* self, CK_ATTRIBUTE_PTR template, if (tmp_objects_ptr == NULL) { *objects_count = 0; PyErr_SetString(ipap11helperError, "_find_key realloc failed"); - if (result_objects != NULL) - free(result_objects); + free(result_objects); return 0; } else { result_objects = tmp_objects_ptr; @@ -346,16 +345,14 @@ int _find_key(P11_Helper* self, CK_ATTRIBUTE_PTR template, rv = self->p11->C_FindObjects(self->session, &result_object, 1, &objectCount); if (!check_return_value(rv, "Check for duplicated key")) { - if (result_objects != NULL) - free(result_objects); + free(result_objects); return 0; } } rv = self->p11->C_FindObjectsFinal(self->session); if (!check_return_value(rv, "Find objects final")) { - if (result_objects != NULL) - free(result_objects); + free(result_objects); return 0; } @@ -499,6 +496,8 @@ static int P11_Helper_init(P11_Helper *self, PyObject *args, PyObject *kwds) { CK_C_GetFunctionList pGetFunctionList = loadLibrary(library_path, &module_handle); if (!pGetFunctionList) { + if (module_handle != NULL) + unloadLibrary(module_handle); PyErr_SetString(ipap11helperError, "Could not load the library."); return -1; } @@ -933,9 +932,7 @@ P11_Helper_find_keys(P11_Helper* self, PyObject *args, PyObject *kwds) { if (result_list == NULL) { PyErr_SetString(ipap11helperError, "Unable to create list with results"); - if (objects != NULL) { - free(objects); - } + free(objects); return NULL; } Py_INCREF(result_list); @@ -944,13 +941,12 @@ P11_Helper_find_keys(P11_Helper* self, PyObject *args, PyObject *kwds) { == -1) { PyErr_SetString(ipap11helperError, "Unable to add to value to result list"); - if (objects != NULL) { - free(objects); - } + free(objects); return NULL; } } + free(objects); return result_list; } @@ -1193,7 +1189,6 @@ P11_Helper_import_RSA_public_key(P11_Helper* self, CK_UTF8CHAR *label, if (rsa == NULL) { PyErr_SetString(ipap11helperError, "import_RSA_public_key: EVP_PKEY_get1_RSA error"); - free(pkey); return NULL; } @@ -1379,8 +1374,8 @@ P11_Helper_export_wrapped_key(P11_Helper* self, PyObject *args, PyObject *kwds) wrapped_key = malloc(wrapped_key_len); if (wrapped_key == NULL) { rv = CKR_HOST_MEMORY; - check_return_value(rv, "key wrapping: buffer allocation"); - return 0; + if (!check_return_value(rv, "key wrapping: buffer allocation")) + return 0; } rv = self->p11->C_WrapKey(self->session, &wrapping_mech, object_wrapping_key, object_key, wrapped_key, &wrapped_key_len); -- 2.1.0