From 5d2554ed31fa6bc121d94efe533f9e4fea3900aa Mon Sep 17 00:00:00 2001

From: Rob Crittenden <rcritten@redhat.com>

Date: Thu, 4 Oct 2018 08:21:35 -0400

Subject: [PATCH 10/17] Fix memory leak in util_internal_token_name()

Allocate memory using the talloc context instead of relying on

the caller to call free().

---

 src/certread-n.c | 2 +-

 src/certsave-n.c | 2 +-

 src/keygen-n.c   | 2 +-

 src/keyiread-n.c | 2 +-

 src/submit-n.c   | 2 +-

 src/util-n.c     | 2 +-

 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/certread-n.c b/src/certread-n.c

index 1d9217c6..d535030b 100644

--- a/src/certread-n.c

+++ b/src/certread-n.c

@@ -191,7 +191,7 @@ cm_certread_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,

 		_exit(CM_SUB_STATUS_ERROR_AUTH);

 	}

 	if (entry->cm_cert_token == NULL) {

-		entry->cm_cert_token = util_internal_token_name();

+		entry->cm_cert_token = talloc_strdup(entry, util_internal_token_name());

 	}

 	PK11_SetPasswordFunc(&cm_pin_read_for_cert_nss_cb);

 	for (sle = slotlist->head;

diff --git a/src/certsave-n.c b/src/certsave-n.c

index fcb43148..49b28324 100644

--- a/src/certsave-n.c

+++ b/src/certsave-n.c

@@ -215,7 +215,7 @@ cm_certsave_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,

 		}

 		PK11_SetPasswordFunc(&cm_pin_read_for_cert_nss_cb);

 		if (entry->cm_cert_token == NULL) {

-			entry->cm_cert_token = util_internal_token_name();

+			entry->cm_cert_token = talloc_strdup(entry, util_internal_token_name());

 		}

 		for (sle = slotlist->head;

 		     ((sle != NULL) && (sle->slot != NULL));

diff --git a/src/keygen-n.c b/src/keygen-n.c

index f7fdf6c0..76a5c1d3 100644

--- a/src/keygen-n.c

+++ b/src/keygen-n.c

@@ -273,7 +273,7 @@ cm_keygen_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,

 		_exit(CM_SUB_STATUS_ERROR_NO_TOKEN);

 	}

 	if (entry->cm_cert_token == NULL) {

-		entry->cm_cert_token = util_internal_token_name();

+		entry->cm_cert_token = talloc_strdup(entry, util_internal_token_name());

 	}

 	/* Walk the list looking for the requested slot, or the first one if

 	 * none was requested. */

diff --git a/src/keyiread-n.c b/src/keyiread-n.c

index b8408bf1..8f46ec0f 100644

--- a/src/keyiread-n.c

+++ b/src/keyiread-n.c

@@ -153,7 +153,7 @@ cm_keyiread_n_get_keys(struct cm_store_entry *entry, int readwrite)

 	}

 	PK11_SetPasswordFunc(&cm_pin_read_for_cert_nss_cb);

 	if (entry->cm_key_token == NULL) {

-		entry->cm_key_token = util_internal_token_name();

+		entry->cm_key_token = talloc_strdup(entry, util_internal_token_name());

 	}

 	n_tokens = 0;

 	pubkey = NULL;

diff --git a/src/submit-n.c b/src/submit-n.c

index da07d253..ee6f3105 100644

--- a/src/submit-n.c

+++ b/src/submit-n.c

@@ -347,7 +347,7 @@ cm_submit_n_decrypt_envelope(const unsigned char *envelope,

 		goto done;

 	}

 	if (args->entry->cm_key_token == NULL) {

-		args->entry->cm_key_token = util_internal_token_name();

+		args->entry->cm_key_token = talloc_strdup(args->entry, util_internal_token_name());

 	}

 	PK11_SetPasswordFunc(&cm_pin_read_for_cert_nss_cb);

 	n_tokens = 0;

diff --git a/src/util-n.c b/src/util-n.c

index 293e2583..4ab3d47b 100644

--- a/src/util-n.c

+++ b/src/util-n.c

@@ -291,5 +291,5 @@ util_set_db_entry_cert_owner(const char *dbdir, struct cm_store_entry *entry)

 char *

 util_internal_token_name()

 {

-	return strdup(PK11_GetTokenName(PK11_GetInternalKeySlot()));

+	return PK11_GetTokenName(PK11_GetInternalKeySlot());

 }

-- 

2.14.4