agorise/c-libp2p
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fixed memory leak in secio

Browse source
This commit is contained in:
John Jones 2017-03-08 05:53:59 -05:00
parent 95d2a06855
commit c343d2d0ad
1 changed files with 11 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
secio/secio.c
View file

@ -382,14 +382,18 @@ int libp2p_secio_make_mac_and_cipher(struct SecureSession* session, struct Stret
if (strcmp(session->chosen_hash, "SHA1") == 0) { if (strcmp(session->chosen_hash, "SHA1") == 0) {
stretched_key->mac_size = 40; stretched_key->mac_size = 40;
} else if (strcmp(session->chosen_hash, "SHA512") == 0) { } else if (strcmp(session->chosen_hash, "SHA512") == 0) {
stretched_key->mac_size = 32; stretched_key->mac_size = 64;
} else if (strcmp(session->chosen_hash, "SHA256") == 0) { } else if (strcmp(session->chosen_hash, "SHA256") == 0) {
stretched_key->mac_size = 16; stretched_key->mac_size = 32;
} else { } else {
return 0; return 0;
} }
//TODO: Research this question..
// this was already made during the key stretch. Why make it again?
/*
stretched_key->mac_key = malloc(stretched_key->mac_size); stretched_key->mac_key = malloc(stretched_key->mac_size);
session->mac_function(stretched_key->cipher_key, stretched_key->cipher_size, stretched_key->mac_key); session->mac_function(stretched_key->cipher_key, stretched_key->cipher_size, stretched_key->mac_key);
*/
// block cipher // block cipher
if (strcmp(session->chosen_cipher, "AES-128") || strcmp(session->chosen_cipher, "AES-256") == 0) { if (strcmp(session->chosen_cipher, "AES-128") || strcmp(session->chosen_cipher, "AES-256") == 0) {
@ -531,7 +535,7 @@ int libp2p_secio_xor(const unsigned char* key, size_t key_size, const unsigned c
int key_pos = i; int key_pos = i;
if (key_pos > key_size) if (key_pos > key_size)
key_pos = key_pos % key_size; key_pos = key_pos % key_size;
outgoing[i] = incoming[i] ^ key[key_pos]; outgoing[i] = (char)(incoming[i] ^ key[key_pos]);
} }
return 1; return 1;
} }
@ -551,6 +555,7 @@ int libp2p_secio_encrypt(const struct SecureSession* session, const unsigned cha
// mac_size for the mac // mac_size for the mac
size_t buffer_size = 4 + incoming_size + session->local_stretched_key->mac_size; size_t buffer_size = 4 + incoming_size + session->local_stretched_key->mac_size;
*outgoing = malloc(buffer_size); *outgoing = malloc(buffer_size);
memset(*outgoing, 0, buffer_size);
unsigned char* buffer = *outgoing; unsigned char* buffer = *outgoing;
// XOR the bytes into a new area // XOR the bytes into a new area
libp2p_secio_xor(session->local_stretched_key->cipher_key, session->local_stretched_key->cipher_size, incoming, incoming_size, &buffer[4]); libp2p_secio_xor(session->local_stretched_key->cipher_key, session->local_stretched_key->cipher_size, incoming, incoming_size, &buffer[4]);
@ -578,7 +583,9 @@ int libp2p_secio_encrypted_write(struct SecureSession* session, unsigned char* b
size_t buffer_size = 0; size_t buffer_size = 0;
if (!libp2p_secio_encrypt(session, bytes, num_bytes, &buffer, &buffer_size)) if (!libp2p_secio_encrypt(session, bytes, num_bytes, &buffer, &buffer_size))
return 0; return 0;
return libp2p_secio_unencrypted_write(session, buffer, buffer_size); int retVal = libp2p_secio_unencrypted_write(session, buffer, buffer_size);
free(buffer);
return retVal;
} }
/** /**
@ -871,7 +878,6 @@ int libp2p_secio_handshake(struct SecureSession* local_session, struct RsaPrivat
// ?? Do we need this half? // ?? Do we need this half?
libp2p_secio_make_mac_and_cipher(local_session, local_session->remote_stretched_key); libp2p_secio_make_mac_and_cipher(local_session, local_session->remote_stretched_key);
/* temporarily comment this out to chase memory bug...
// send expected message (their nonce) to verify encryption works // send expected message (their nonce) to verify encryption works
if (libp2p_secio_encrypted_write(local_session, (unsigned char*)local_session->remote_nonce, 16) <= 0) if (libp2p_secio_encrypted_write(local_session, (unsigned char*)local_session->remote_nonce, 16) <= 0)
goto exit; goto exit;
@ -884,7 +890,6 @@ int libp2p_secio_handshake(struct SecureSession* local_session, struct RsaPrivat
if (libp2p_secio_bytes_compare((char*)results, local_session->local_nonce, 16) != 0) if (libp2p_secio_bytes_compare((char*)results, local_session->local_nonce, 16) != 0)
goto exit; goto exit;
*/
retVal = 1; retVal = 1;
exit: exit: