From c343d2d0ad1e2d4def471064f4e7593f2f61ac88 Mon Sep 17 00:00:00 2001 From: John Jones Date: Wed, 8 Mar 2017 05:53:59 -0500 Subject: [PATCH] Fixed memory leak in secio --- secio/secio.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/secio/secio.c b/secio/secio.c index 19ed101..9f7d483 100644 --- a/secio/secio.c +++ b/secio/secio.c @@ -382,14 +382,18 @@ int libp2p_secio_make_mac_and_cipher(struct SecureSession* session, struct Stret if (strcmp(session->chosen_hash, "SHA1") == 0) { stretched_key->mac_size = 40; } else if (strcmp(session->chosen_hash, "SHA512") == 0) { - stretched_key->mac_size = 32; + stretched_key->mac_size = 64; } else if (strcmp(session->chosen_hash, "SHA256") == 0) { - stretched_key->mac_size = 16; + stretched_key->mac_size = 32; } else { return 0; } + //TODO: Research this question.. + // this was already made during the key stretch. Why make it again? + /* stretched_key->mac_key = malloc(stretched_key->mac_size); session->mac_function(stretched_key->cipher_key, stretched_key->cipher_size, stretched_key->mac_key); + */ // block cipher if (strcmp(session->chosen_cipher, "AES-128") || strcmp(session->chosen_cipher, "AES-256") == 0) { @@ -531,7 +535,7 @@ int libp2p_secio_xor(const unsigned char* key, size_t key_size, const unsigned c int key_pos = i; if (key_pos > key_size) key_pos = key_pos % key_size; - outgoing[i] = incoming[i] ^ key[key_pos]; + outgoing[i] = (char)(incoming[i] ^ key[key_pos]); } return 1; } @@ -551,6 +555,7 @@ int libp2p_secio_encrypt(const struct SecureSession* session, const unsigned cha // mac_size for the mac size_t buffer_size = 4 + incoming_size + session->local_stretched_key->mac_size; *outgoing = malloc(buffer_size); + memset(*outgoing, 0, buffer_size); unsigned char* buffer = *outgoing; // XOR the bytes into a new area libp2p_secio_xor(session->local_stretched_key->cipher_key, session->local_stretched_key->cipher_size, incoming, incoming_size, &buffer[4]); @@ -578,7 +583,9 @@ int libp2p_secio_encrypted_write(struct SecureSession* session, unsigned char* b size_t buffer_size = 0; if (!libp2p_secio_encrypt(session, bytes, num_bytes, &buffer, &buffer_size)) return 0; - return libp2p_secio_unencrypted_write(session, buffer, buffer_size); + int retVal = libp2p_secio_unencrypted_write(session, buffer, buffer_size); + free(buffer); + return retVal; } /** @@ -871,7 +878,6 @@ int libp2p_secio_handshake(struct SecureSession* local_session, struct RsaPrivat // ?? Do we need this half? libp2p_secio_make_mac_and_cipher(local_session, local_session->remote_stretched_key); - /* temporarily comment this out to chase memory bug... // send expected message (their nonce) to verify encryption works if (libp2p_secio_encrypted_write(local_session, (unsigned char*)local_session->remote_nonce, 16) <= 0) goto exit; @@ -884,7 +890,6 @@ int libp2p_secio_handshake(struct SecureSession* local_session, struct RsaPrivat if (libp2p_secio_bytes_compare((char*)results, local_session->local_nonce, 16) != 0) goto exit; - */ retVal = 1; exit: