QPQ-AG/enacl
10
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Plug a large set of memory leaks in signing

Browse Source 
If you fail, there are cases where binaries are not properly released.
This patch fixes them all in signing.
This commit is contained in:
Jesper Louis Andersen 2020-01-22 22:22:29 +01:00
parent e67619a403
commit 018bf0f6fc
2 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
c_src/generichash.c
View File

@ -195,9 +195,9 @@ ERL_NIF_TERM enacl_crypto_generichash_init(ErlNifEnv *env, int argc,
ret = enif_make_resource(env, obj); ret = enif_make_resource(env, obj);
goto done; goto done;
bad_arg: bad_arg:
return enif_make_badarg(env); return enif_make_badarg(env);
err: err:
ret = enacl_error_tuple(env, "internal_error"); ret = enacl_error_tuple(env, "internal_error");
if (obj != NULL) { if (obj != NULL) {

13
c_src/sign.c
View File

@ -103,10 +103,8 @@ ERL_NIF_TERM enacl_crypto_sign_update(ErlNifEnv *env, int argc,
// Validate the arguments // Validate the arguments
if (argc != 2) if (argc != 2)
goto bad_arg; goto bad_arg;
if (!enif_get_resource(env, argv[0], enacl_sign_ctx_rtype, (void **)&obj)) if (!enif_get_resource(env, argv[0], enacl_sign_ctx_rtype, (void **)&obj))
goto bad_arg; goto bad_arg;
if (!enif_inspect_binary(env, argv[1], &data)) if (!enif_inspect_binary(env, argv[1], &data))
goto bad_arg; goto bad_arg;
@ -165,6 +163,7 @@ ERL_NIF_TERM enacl_crypto_sign_final_create(ErlNifEnv *env, int argc,
ret = enif_make_tuple2(env, ok, signature); ret = enif_make_tuple2(env, ok, signature);
goto cleanup; goto cleanup;
bad_arg: bad_arg:
return enif_make_badarg(env); return enif_make_badarg(env);
release: release:
@ -230,6 +229,7 @@ enacl_crypto_sign_ed25519_keypair(ErlNifEnv *env, int argc,
} }
if (!enif_alloc_binary(crypto_sign_ed25519_SECRETKEYBYTES, &sk)) { if (!enif_alloc_binary(crypto_sign_ed25519_SECRETKEYBYTES, &sk)) {
enif_release_binary(&pk);
return enacl_error_tuple(env, "alloc_failed"); return enacl_error_tuple(env, "alloc_failed");
} }
@ -254,6 +254,7 @@ enacl_crypto_sign_ed25519_sk_to_pk(ErlNifEnv *env, int argc,
} }
if (crypto_sign_ed25519_sk_to_pk(pk.data, sk.data) != 0) { if (crypto_sign_ed25519_sk_to_pk(pk.data, sk.data) != 0) {
enif_release_binary(&pk);
return enacl_error_tuple(env, "crypto_sign_ed25519_sk_to_pk_failed"); return enacl_error_tuple(env, "crypto_sign_ed25519_sk_to_pk_failed");
} }
@ -276,6 +277,7 @@ enacl_crypto_sign_ed25519_public_to_curve25519(ErlNifEnv *env, int argc,
if (crypto_sign_ed25519_pk_to_curve25519(curve25519_pk.data, if (crypto_sign_ed25519_pk_to_curve25519(curve25519_pk.data,
ed25519_pk.data) != 0) { ed25519_pk.data) != 0) {
enif_release_binary(&curve25519_pk);
return enacl_error_tuple(env, "ed25519_public_to_curve25519_failed"); return enacl_error_tuple(env, "ed25519_public_to_curve25519_failed");
} }
@ -298,6 +300,7 @@ enacl_crypto_sign_ed25519_secret_to_curve25519(ErlNifEnv *env, int argc,
if (crypto_sign_ed25519_sk_to_curve25519(curve25519_sk.data, if (crypto_sign_ed25519_sk_to_curve25519(curve25519_sk.data,
ed25519_sk.data) != 0) { ed25519_sk.data) != 0) {
enif_release_binary(&curve25519_sk);
return enacl_error_tuple(env, "ed25519_secret_to_curve25519_failed"); return enacl_error_tuple(env, "ed25519_secret_to_curve25519_failed");
} }
@ -344,6 +347,7 @@ ERL_NIF_TERM enacl_crypto_sign_keypair(ErlNifEnv *env, int argc,
} }
if (!enif_alloc_binary(crypto_sign_SECRETKEYBYTES, &sk)) { if (!enif_alloc_binary(crypto_sign_SECRETKEYBYTES, &sk)) {
enif_release_binary(&pk);
return enacl_error_tuple(env, "alloc_failed"); return enacl_error_tuple(env, "alloc_failed");
} }
@ -366,6 +370,7 @@ ERL_NIF_TERM enacl_crypto_sign_seed_keypair(ErlNifEnv *env, int argc,
} }
if (!enif_alloc_binary(crypto_sign_SECRETKEYBYTES, &sk)) { if (!enif_alloc_binary(crypto_sign_SECRETKEYBYTES, &sk)) {
enif_release_binary(&pk);
return enacl_error_tuple(env, "alloc_failed"); return enacl_error_tuple(env, "alloc_failed");
} }
@ -484,8 +489,8 @@ enacl_crypto_sign_verify_detached(ErlNifEnv *env, int argc,
} }
if (0 == crypto_sign_verify_detached(sig.data, m.data, m.size, pk.data)) { if (0 == crypto_sign_verify_detached(sig.data, m.data, m.size, pk.data)) {
return enif_make_atom(env, "true"); return enif_make_atom(env, ATOM_TRUE);
} else { } else {
return enif_make_atom(env, "false"); return enif_make_atom(env, ATOM_FALSE);
} }
} }