From patchwork Fri May 22 14:19:34 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Heiko Stuebner X-Patchwork-Id: 246293 List-Id: U-Boot discussion From: heiko at sntech.de (Heiko Stuebner) Date: Fri, 22 May 2020 16:19:34 +0200 Subject: [PATCH v5 5/8] lib: rsa: free local arrays after use in rsa_gen_key_prop() In-Reply-To: <20200522141937.3523692-1-heiko@sntech.de> References: <20200522141937.3523692-1-heiko@sntech.de> Message-ID: <20200522141937.3523692-5-heiko@sntech.de> From: Heiko Stuebner n, rr and rrtmp are used for internal calculations, but in the end the results are copied into separately allocated elements of the actual key_prop, so the n, rr and rrtmp elements are not used anymore when returning from the function and should of course be freed. Signed-off-by: Heiko Stuebner Reviewed-by: Philipp Tomsich --- changes in v4: - new patch lib/rsa/rsa-keyprop.c | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/lib/rsa/rsa-keyprop.c b/lib/rsa/rsa-keyprop.c index e28fbb7472..ac33b35ff9 100644 --- a/lib/rsa/rsa-keyprop.c +++ b/lib/rsa/rsa-keyprop.c @@ -655,7 +655,7 @@ int rsa_gen_key_prop(const void *key, uint32_t keylen, struct key_prop **prop) struct rsa_key rsa_key; uint32_t *n = NULL, *rr = NULL, *rrtmp = NULL; const int max_rsa_size = 4096; - int rlen, i, ret; + int rlen, i, ret = 0; *prop = calloc(sizeof(**prop), 1); n = calloc(sizeof(uint32_t), 1 + (max_rsa_size >> 5)); @@ -663,12 +663,12 @@ int rsa_gen_key_prop(const void *key, uint32_t keylen, struct key_prop **prop) rrtmp = calloc(sizeof(uint32_t), 1 + ((max_rsa_size * 2) >> 5)); if (!(*prop) || !n || !rr || !rrtmp) { ret = -ENOMEM; - goto err; + goto out; } ret = rsa_parse_pub_key(&rsa_key, key, keylen); if (ret) - goto err; + goto out; /* modulus */ /* removing leading 0's */ @@ -678,7 +678,7 @@ int rsa_gen_key_prop(const void *key, uint32_t keylen, struct key_prop **prop) (*prop)->modulus = malloc(rsa_key.n_sz - i); if (!(*prop)->modulus) { ret = -ENOMEM; - goto err; + goto out; } memcpy((void *)(*prop)->modulus, &rsa_key.n[i], rsa_key.n_sz - i); @@ -686,7 +686,7 @@ int rsa_gen_key_prop(const void *key, uint32_t keylen, struct key_prop **prop) (*prop)->public_exponent = calloc(1, sizeof(uint64_t)); if (!(*prop)->public_exponent) { ret = -ENOMEM; - goto err; + goto out; } memcpy((void *)(*prop)->public_exponent + sizeof(uint64_t) - rsa_key.e_sz, @@ -710,16 +710,15 @@ int rsa_gen_key_prop(const void *key, uint32_t keylen, struct key_prop **prop) (*prop)->rr = malloc(rlen); if (!(*prop)->rr) { ret = -ENOMEM; - goto err; + goto out; } br_i32_encode((void *)(*prop)->rr, rlen, rr); - return 0; - -err: +out: free(n); free(rr); free(rrtmp); - rsa_free_key_prop(*prop); + if (ret < 0) + rsa_free_key_prop(*prop); return ret; }