From 147e54a77ed43b1522f343114d79f8b4c8a6bfb2 Mon Sep 17 00:00:00 2001 From: Rob Percival Date: Mon, 7 Mar 2016 12:38:49 +0000 Subject: [PATCH] Fixes memory leaks in CT code MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Reviewed-by: Emilia Käsper Reviewed-by: Rich Salz --- crypto/ct/ct_sct.c | 2 +- test/ct_test.c | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/crypto/ct/ct_sct.c b/crypto/ct/ct_sct.c index 35f815235f..2b7211d7ea 100644 --- a/crypto/ct/ct_sct.c +++ b/crypto/ct/ct_sct.c @@ -402,7 +402,7 @@ int SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx) goto end; } - issuer_pkey = X509_get_pubkey(ctx->issuer); + issuer_pkey = X509_get0_pubkey(ctx->issuer); if (X509_PUBKEY_set(&pub, issuer_pkey) != 1) goto err; diff --git a/test/ct_test.c b/test/ct_test.c index 99517a6d9f..30e1ac6533 100644 --- a/test/ct_test.c +++ b/test/ct_test.c @@ -80,7 +80,7 @@ typedef struct ct_test_fixture { /* Set the following to test handling of SCTs in TLS format */ const uint8_t *tls_sct; size_t tls_sct_len; - const SCT *sct; + SCT *sct; /* * A file to load the expected SCT text from. * This text will be compared to the actual text output during the test. @@ -124,6 +124,7 @@ end: static void tear_down(CT_TEST_FIXTURE fixture) { CTLOG_STORE_free(fixture.ctlog_store); + SCT_free(fixture.sct); ERR_print_errors_fp(stderr); } @@ -237,6 +238,8 @@ static int execute_cert_test(CT_TEST_FIXTURE fixture) SCT *sct = NULL; char expected_sct_text[CT_TEST_MAX_FILE_SIZE]; int sct_text_len = 0; + unsigned char *tls_sct = NULL; + size_t tls_sct_len = 0; CT_POLICY_EVAL_CTX *ct_policy_ctx = CT_POLICY_EVAL_CTX_new(); if (fixture.sct_text_file_path != NULL) { @@ -361,8 +364,6 @@ static int execute_cert_test(CT_TEST_FIXTURE fixture) if (fixture.tls_sct != NULL) { const unsigned char *p = fixture.tls_sct; - unsigned char *tls_sct; - size_t tls_sct_len; if (o2i_SCT(&sct, &p, fixture.tls_sct_len) == NULL) { test_failed = 1; fprintf(stderr, "Failed to decode SCT from TLS format\n"); @@ -403,6 +404,7 @@ end: SCT_LIST_free(scts); SCT_free(sct); CT_POLICY_EVAL_CTX_free(ct_policy_ctx); + OPENSSL_free(tls_sct); return test_failed; } @@ -502,8 +504,6 @@ static int test_encode_tls_sct() fixture.sct = sct; fixture.sct_text_file_path = "ct/tls1.sct"; EXECUTE_CT_TEST(); - - SCT_free(sct); } int main(int argc, char *argv[]) -- 2.25.1