Djam/u-boot
1
0
Fork 0
mirror of https://github.com/u-boot/u-boot.git synced 2025-05-08 19:11:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

lib: rsa: free local arrays after use in rsa_gen_key_prop()

Browse source 
n, rr and rrtmp are used for internal calculations, but in the end
the results are copied into separately allocated elements of the
actual key_prop, so the n, rr and rrtmp elements are not used anymore
when returning from the function and should of course be freed.

Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
Heiko Stuebner 2020-06-18 16:23:25 +02:00 committed by Tom Rini
parent 49d0ea3746
commit eda753be8a
1 changed files with 10 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

19
lib/rsa/rsa-keyprop.c
View file

@ -654,17 +654,17 @@ int rsa_gen_key_prop(const void *key, uint32_t keylen, struct key_prop **prop)
{ {
struct rsa_key rsa_key; struct rsa_key rsa_key;
uint32_t *n = NULL, *rr = NULL, *rrtmp = NULL; uint32_t *n = NULL, *rr = NULL, *rrtmp = NULL;
int rlen, i, ret; int rlen, i, ret = 0;
*prop = calloc(sizeof(**prop), 1); *prop = calloc(sizeof(**prop), 1);
if (!(*prop)) { if (!(*prop)) {
ret = -ENOMEM; ret = -ENOMEM;
goto err; goto out;
} }
ret = rsa_parse_pub_key(&rsa_key, key, keylen); ret = rsa_parse_pub_key(&rsa_key, key, keylen);
if (ret) if (ret)
goto err; goto out;
/* modulus */ /* modulus */
/* removing leading 0's */ /* removing leading 0's */
@ -674,7 +674,7 @@ int rsa_gen_key_prop(const void *key, uint32_t keylen, struct key_prop **prop)
(*prop)->modulus = malloc(rsa_key.n_sz - i); (*prop)->modulus = malloc(rsa_key.n_sz - i);
if (!(*prop)->modulus) { if (!(*prop)->modulus) {
ret = -ENOMEM; ret = -ENOMEM;
goto err; goto out;
} }
memcpy((void *)(*prop)->modulus, &rsa_key.n[i], rsa_key.n_sz - i); memcpy((void *)(*prop)->modulus, &rsa_key.n[i], rsa_key.n_sz - i);
@ -683,14 +683,14 @@ int rsa_gen_key_prop(const void *key, uint32_t keylen, struct key_prop **prop)
rrtmp = calloc(sizeof(uint32_t), 2 + (((*prop)->num_bits * 2) >> 5)); rrtmp = calloc(sizeof(uint32_t), 2 + (((*prop)->num_bits * 2) >> 5));
if (!n || !rr || !rrtmp) { if (!n || !rr || !rrtmp) {
ret = -ENOMEM; ret = -ENOMEM;
goto err; goto out;
} }
/* exponent */ /* exponent */
(*prop)->public_exponent = calloc(1, sizeof(uint64_t)); (*prop)->public_exponent = calloc(1, sizeof(uint64_t));
if (!(*prop)->public_exponent) { if (!(*prop)->public_exponent) {
ret = -ENOMEM; ret = -ENOMEM;
goto err; goto out;
} }
memcpy((void *)(*prop)->public_exponent + sizeof(uint64_t) memcpy((void *)(*prop)->public_exponent + sizeof(uint64_t)
- rsa_key.e_sz, - rsa_key.e_sz,
@ -714,16 +714,15 @@ int rsa_gen_key_prop(const void *key, uint32_t keylen, struct key_prop **prop)
(*prop)->rr = malloc(rlen); (*prop)->rr = malloc(rlen);
if (!(*prop)->rr) { if (!(*prop)->rr) {
ret = -ENOMEM; ret = -ENOMEM;
goto err; goto out;
} }
br_i32_encode((void *)(*prop)->rr, rlen, rr); br_i32_encode((void *)(*prop)->rr, rlen, rr);
return 0; out:
err:
free(n); free(n);
free(rr); free(rr);
free(rrtmp); free(rrtmp);
if (ret < 0)
rsa_free_key_prop(*prop); rsa_free_key_prop(*prop);
return ret; return ret;
} }