From a8236c8c322101c273d14c62282f264555e147c4 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 15 Feb 1999 21:05:21 +0000 Subject: [PATCH] Fix various memory leaks in SSL, apps and DSA --- CHANGES | 6 ++++++ apps/s_cb.c | 10 +++++++--- apps/s_client.c | 8 ++++++-- apps/sc.c | 6 +++++- crypto/dsa/dsa_vrf.c | 1 - ssl/s2_clnt.c | 6 ++++-- ssl/s2_srvr.c | 5 +++-- ssl/s3_both.c | 1 + ssl/s3_clnt.c | 9 ++++++--- ssl/s3_srvr.c | 1 + ssl/ssl_rsa.c | 8 ++++++-- 11 files changed, 45 insertions(+), 16 deletions(-) diff --git a/CHANGES b/CHANGES index 7cc1ece6eb..043c7552a7 100644 --- a/CHANGES +++ b/CHANGES @@ -5,9 +5,15 @@ Changes between 0.9.1c and 0.9.2 + *) Run extensive memory leak checks on SSL apps. Fixed *lots* of memory + leaks in ssl/ relating to new X509_get_pubkey() behaviour. Also fixes + in apps/ and an unrellated leak in crypto/dsa/dsa_vrf.c + [Steve Henson] + *) Support for RAW extensions where an arbitrary extension can be created by including its DER encoding. See apps/openssl.cnf for an example. + [Steve Henson] *) Make sure latest Perl versions don't interpret some generated C array code as Perl array code in the crypto/err/err_genc.pl script. diff --git a/apps/s_cb.c b/apps/s_cb.c index 1a7b06e1ee..ba0b548ea1 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -156,9 +156,13 @@ char *key_file; ssl=SSL_new(ctx); x509=SSL_get_certificate(ssl); - if (x509 != NULL) - EVP_PKEY_copy_parameters(X509_get_pubkey(x509), - SSL_get_privatekey(ssl)); + if (x509 != NULL) { + EVP_PKEY *pktmp; + pktmp = X509_get_pubkey(x509); + EVP_PKEY_copy_parameters(pktmp, + SSL_get_privatekey(ssl)); + EVP_PKEY_free(pktmp); + } SSL_free(ssl); */ diff --git a/apps/s_client.c b/apps/s_client.c index 2830785c95..a75e8ae311 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -743,9 +743,13 @@ int full; BIO_printf(bio,"%s, Cipher is %s\n", SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c)); - if (peer != NULL) + if (peer != NULL) { + EVP_PKEY *pktmp; + pktmp = X509_get_pubkey(peer); BIO_printf(bio,"Server public key is %d bit\n", - EVP_PKEY_bits(X509_get_pubkey(peer))); + EVP_PKEY_bits(pktmp)); + EVP_PKEY_free(pktmp); + } SSL_SESSION_print(bio,SSL_get_session(s)); BIO_printf(bio,"---\n"); if (peer != NULL) diff --git a/apps/sc.c b/apps/sc.c index f6015e8329..fccd805921 100644 --- a/apps/sc.c +++ b/apps/sc.c @@ -770,8 +770,12 @@ int full; SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c)); if (peer != NULL) + { + EVP_PKEY *pktmp; BIO_printf(bio,"Server public key is %d bit\n", - EVP_PKEY_bits(X509_get_pubkey(peer))); + EVP_PKEY_bits(pktmp)); + EVP_PKEY_free(pktmp); + } SSL_SESSION_print(bio,SSL_get_session(s)); BIO_printf(bio,"---\n"); if (peer != NULL) diff --git a/crypto/dsa/dsa_vrf.c b/crypto/dsa/dsa_vrf.c index 71cefbeaa4..37e8781dd6 100644 --- a/crypto/dsa/dsa_vrf.c +++ b/crypto/dsa/dsa_vrf.c @@ -91,7 +91,6 @@ DSA *dsa; int ret = -1; if ((ctx=BN_CTX_new()) == NULL) goto err; - if ((mont=BN_MONT_CTX_new()) == NULL) goto err; BN_init(&u1); BN_init(&u2); diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c index 0c13842014..9c8037b48b 100644 --- a/ssl/s2_clnt.c +++ b/ssl/s2_clnt.c @@ -953,8 +953,9 @@ unsigned char *data; goto err; ret=1; err: - if (sk != NULL) sk_free(sk); - if (x509 != NULL) X509_free(x509); + sk_free(sk); + X509_free(x509); + EVP_PKEY_free(pkey); return(ret); } @@ -985,6 +986,7 @@ int padding; if (i < 0) SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,ERR_R_RSA_LIB); end: + EVP_PKEY_free(pkey); return(i); } diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c index 7e8732f9cc..8580ac6a8d 100644 --- a/ssl/s2_srvr.c +++ b/ssl/s2_srvr.c @@ -910,6 +910,7 @@ SSL *s; pkey=X509_get_pubkey(x509); if (pkey == NULL) goto end; i=EVP_VerifyFinal(&ctx,p,s->s2->tmp.rlen,pkey); + EVP_PKEY_free(pkey); memset(&ctx,0,sizeof(ctx)); if (i) @@ -933,8 +934,8 @@ msg_end: ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE); } end: - if (sk != NULL) sk_free(sk); - if (x509 != NULL) X509_free(x509); + sk_free(sk); + X509_free(x509); return(ret); } diff --git a/ssl/s3_both.c b/ssl/s3_both.c index 487981ef0e..0dad8919c7 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c @@ -404,6 +404,7 @@ EVP_PKEY *pkey; ret= -1; err: + if(!pkey) EVP_PKEY_free(pk); return(ret); } diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 436215094a..363118835c 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -814,8 +814,9 @@ f_err: ssl3_send_alert(s,SSL3_AL_FATAL,al); } err: - if (x != NULL) X509_free(x); - if (sk != NULL) sk_pop_free(sk,X509_free); + EVP_PKEY_free(pkey); + X509_free(x); + sk_pop_free(sk,X509_free); return(ret); } @@ -1103,11 +1104,12 @@ SSL *s; goto f_err; } } - + EVP_PKEY_free(pkey); return(1); f_err: ssl3_send_alert(s,SSL3_AL_FATAL,al); err: + EVP_PKEY_free(pkey); return(-1); } @@ -1622,6 +1624,7 @@ SSL *s; idx=c->cert_type; pkey=X509_get_pubkey(c->pkeys[idx].x509); i=X509_certificate_type(c->pkeys[idx].x509,pkey); + EVP_PKEY_free(pkey); /* Check that we have a certificate if we require one */ diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index ddf377c122..a827a58d49 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1510,6 +1510,7 @@ f_err: ssl3_send_alert(s,SSL3_AL_FATAL,al); } end: + EVP_PKEY_free(pkey); return(ret); } diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index a8a62f1b04..745a8ec24f 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -229,8 +229,10 @@ EVP_PKEY *pkey; if (c->pkeys[i].x509 != NULL) { - EVP_PKEY_copy_parameters( - X509_get_pubkey(c->pkeys[i].x509),pkey); + EVP_PKEY *pktmp; + pktmp = X509_get_pubkey(c->pkeys[i].x509); + EVP_PKEY_copy_parameters(pktmp,pkey); + EVP_PKEY_free(pktmp); ERR_clear_error(); #ifndef NO_RSA @@ -503,6 +505,7 @@ X509 *x; if (i < 0) { SSLerr(SSL_F_SSL_SET_CERT,SSL_R_UNKNOWN_CERTIFICATE_TYPE); + EVP_PKEY_free(pkey); return(0); } @@ -549,6 +552,7 @@ X509 *x; else ok=1; + EVP_PKEY_free(pkey); if (bad) { EVP_PKEY_free(c->pkeys[i].privatekey); -- 2.25.1