[git] GCRYPT - branch, master, updated. post-nuke-of-trailing-ws-24-gd9db921
by Werner Koch
cvs at cvs.gnupg.org
Mon Apr 4 16:57:57 CEST 2011
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".
The branch, master has been updated
via d9db9210b67b613f60c2f73923c53336abb74438 (commit)
via 63c752291c448deabc4e7ea2e2c317e1d2c1bd46 (commit)
from 934d270ff8193a5931b143ce850f66f50d03dedf (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit d9db9210b67b613f60c2f73923c53336abb74438
Author: Werner Koch <wk at gnupg.org>
Date: Mon Apr 4 16:27:36 2011 +0200
Fix a small memory leak in gcry_pk_get_keygrip.
These are two memory leaks, one in the generic code and one ECC
specific. For an RSA key the first one accounted for 10 bytes, which
is not that small if applied on a large key database.
diff --git a/cipher/ChangeLog b/cipher/ChangeLog
index 8961676..df27bab 100644
--- a/cipher/ChangeLog
+++ b/cipher/ChangeLog
@@ -1,3 +1,10 @@
+2011-04-04 Werner Koch <wk at g10code.com>
+
+ * ecc.c (compute_keygrip): Release L1 while parsing "curve".
+
+ * pubkey.c (gcry_pk_get_keygrip): Always release NAME and L2.
+ Reported by Ben Kibbey.
+
2011-03-28 Werner Koch <wk at g10code.com>
* primegen.c (_gcry_generate_elg_prime): Make sure that PRIME is
diff --git a/cipher/ecc.c b/cipher/ecc.c
index f809b53..bbff7ee 100644
--- a/cipher/ecc.c
+++ b/cipher/ecc.c
@@ -1620,6 +1620,7 @@ compute_keygrip (gcry_md_hd_t md, gcry_sexp_t keyparam)
tmpvalues[idx] = NULL;
curve = _gcry_sexp_nth_string (l1, 1);
+ gcry_sexp_release (l1);
if (!curve)
{
ec = GPG_ERR_INV_OBJ; /* Name missing or out of core. */
diff --git a/cipher/pubkey.c b/cipher/pubkey.c
index 02eeecc..27fb7f7 100644
--- a/cipher/pubkey.c
+++ b/cipher/pubkey.c
@@ -2401,6 +2401,7 @@ gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array)
int idx;
const char *elems;
gcry_md_hd_t md = NULL;
+ int okay = 0;
REGISTER_DEFAULT_PUBKEYS;
@@ -2479,16 +2480,14 @@ gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array)
}
memcpy (array, gcry_md_read (md, GCRY_MD_SHA1), 20);
- gcry_md_close (md);
- gcry_sexp_release (list);
- return array;
+ okay = 1;
fail:
gcry_free (name);
gcry_sexp_release (l2);
gcry_md_close (md);
gcry_sexp_release (list);
- return NULL;
+ return okay? array : NULL;
}
commit 63c752291c448deabc4e7ea2e2c317e1d2c1bd46
Author: Werner Koch <wk at gnupg.org>
Date: Mon Apr 4 16:26:41 2011 +0200
Add a test option to help finding memory leaks.
diff --git a/tests/ChangeLog b/tests/ChangeLog
index e25f134..0f5918a 100644
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@@ -1,3 +1,8 @@
+2011-04-04 Werner Koch <wk at g10code.com>
+
+ * keygrip.c (main): Add option --repetitions.
+ (check): Make use of it.
+
2011-03-28 Werner Koch <wk at g10code.com>
* random.c (readn): Remove used var P.
diff --git a/tests/keygrip.c b/tests/keygrip.c
index a33053f..adc72e7 100644
--- a/tests/keygrip.c
+++ b/tests/keygrip.c
@@ -31,6 +31,7 @@
#include "../src/gcrypt.h"
static int verbose;
+static int repetitions;
�
@@ -143,6 +144,7 @@ check (void)
gcry_error_t err;
gcry_sexp_t sexp;
unsigned int i;
+ int repn;
for (i = 0; i < (sizeof (key_grips) / sizeof (*key_grips)); i++)
{
@@ -157,14 +159,18 @@ check (void)
strlen (key_grips[i].key));
if (err)
die ("scanning data %d failed: %s\n", i, gpg_strerror (err));
- ret = gcry_pk_get_keygrip (sexp, buf);
- if (!ret)
- die ("gcry_pk_get_keygrip failed for %d\n", i);
- if ( memcmp (key_grips[i].grip, buf, sizeof (buf)) )
+ for (repn=0; repn < repetitions; repn++)
{
- print_hex ("keygrip: ", buf, sizeof buf);
- die ("keygrip for %d does not match\n", i);
+ ret = gcry_pk_get_keygrip (sexp, buf);
+ if (!ret)
+ die ("gcry_pk_get_keygrip failed for %d\n", i);
+
+ if ( memcmp (key_grips[i].grip, buf, sizeof (buf)) )
+ {
+ print_hex ("keygrip: ", buf, sizeof buf);
+ die ("keygrip for %d does not match\n", i);
+ }
}
gcry_sexp_release (sexp);
@@ -188,12 +194,44 @@ progress_handler (void *cb_data, const char *what, int printchar,
int
main (int argc, char **argv)
{
+ int last_argc = -1;
int debug = 0;
- if (argc > 1 && !strcmp (argv[1], "--verbose"))
- verbose = 1;
- else if (argc > 1 && !strcmp (argv[1], "--debug"))
- verbose = debug = 1;
+ if (argc)
+ { argc--; argv++; }
+
+ while (argc && last_argc != argc )
+ {
+ last_argc = argc;
+ if (!strcmp (*argv, "--"))
+ {
+ argc--; argv++;
+ break;
+ }
+ else if (!strcmp (*argv, "--verbose"))
+ {
+ verbose = 1;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--debug"))
+ {
+ verbose = 1;
+ debug = 1;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--repetitions"))
+ {
+ argc--; argv++;
+ if (argc)
+ {
+ repetitions = atoi(*argv);
+ argc--; argv++;
+ }
+ }
+ }
+
+ if (repetitions < 1)
+ repetitions = 1;
if (!gcry_check_version (GCRYPT_VERSION))
die ("version mismatch\n");
-----------------------------------------------------------------------
Summary of changes:
cipher/ChangeLog | 7 ++++++
cipher/ecc.c | 1 +
cipher/pubkey.c | 7 ++---
tests/ChangeLog | 5 ++++
tests/keygrip.c | 58 ++++++++++++++++++++++++++++++++++++++++++++---------
5 files changed, 64 insertions(+), 14 deletions(-)
hooks/post-receive
--
The GNU crypto library
http://git.gnupg.org
More information about the Gnupg-commits
mailing list