summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorest31 <MTest31@outlook.com>2015-07-24 21:38:40 +0200
committerest31 <MTest31@outlook.com>2015-07-24 22:42:54 +0200
commit5bde7798e9c90904c0d38c75da1f2ce2d62922af (patch)
treecaaf2b8a12f832ad64fad2f4bbdadc12a40af8b8
parentaab7c83d0229c2c7aa3b60de3ca1b1a4eb326b55 (diff)
downloadminetest-5bde7798e9c90904c0d38c75da1f2ce2d62922af.tar.gz
minetest-5bde7798e9c90904c0d38c75da1f2ce2d62922af.tar.bz2
minetest-5bde7798e9c90904c0d38c75da1f2ce2d62922af.zip
Check output of mpz_set_str and fix leak on error condition
Also add static identifier as upstream did
-rw-r--r--src/util/sha256.c4
-rw-r--r--src/util/srp.cpp31
2 files changed, 21 insertions, 14 deletions
diff --git a/src/util/sha256.c b/src/util/sha256.c
index 311aac4a8..4c2bb71a8 100644
--- a/src/util/sha256.c
+++ b/src/util/sha256.c
@@ -15,8 +15,8 @@
const char SHA256_version[] = "SHA-256" OPENSSL_VERSION_PTEXT;
/* mem_clr.c */
-unsigned char cleanse_ctr = 0;
-void OPENSSL_cleanse(void *ptr, size_t len)
+unsigned static char cleanse_ctr = 0;
+static void OPENSSL_cleanse(void *ptr, size_t len)
{
unsigned char *p = ptr;
size_t loop = len, ctr = cleanse_ctr;
diff --git a/src/util/srp.cpp b/src/util/srp.cpp
index 6fafe8280..0d3ddf278 100644
--- a/src/util/srp.cpp
+++ b/src/util/srp.cpp
@@ -166,6 +166,15 @@ static struct NGHex global_Ng_constants[] = {
};
+static void delete_ng(NGConstant *ng)
+{
+ if (ng) {
+ mpz_clear(ng->N);
+ mpz_clear(ng->g);
+ free(ng);
+ }
+}
+
static NGConstant *new_ng( SRP_NGType ng_type, const char *n_hex, const char *g_hex )
{
NGConstant *ng = (NGConstant *) malloc(sizeof(NGConstant));
@@ -180,21 +189,17 @@ static NGConstant *new_ng( SRP_NGType ng_type, const char *n_hex, const char *g_
g_hex = global_Ng_constants[ ng_type ].g_hex;
}
- mpz_set_str(ng->N, n_hex, 16);
- mpz_set_str(ng->g, g_hex, 16);
-
- return ng;
-}
+ int rv = 0;
+ rv = mpz_set_str(ng->N, n_hex, 16);
+ rv = rv | mpz_set_str(ng->g, g_hex, 16);
-static void delete_ng( NGConstant *ng )
-{
- if (ng) {
- mpz_clear(ng->N);
- mpz_clear(ng->g);
- free(ng);
+ if (rv) {
+ delete_ng(ng);
+ return 0;
}
-}
+ return ng;
+}
typedef union
@@ -849,6 +854,8 @@ err_exit:
mpz_clear(usr->a);
mpz_clear(usr->A);
mpz_clear(usr->S);
+ if (usr->ng)
+ delete_ng(usr->ng);
if (usr->username)
free(usr->username);
if (usr->username_verifier)