[git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-379-gc4f9af4

by Christian Grothoff cvs at cvs.gnupg.org
Wed Nov 13 09:49:04 CET 2013 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".

The branch, master has been updated
       via  c4f9af49f228df59c218381a25fa3c0f93ccbeae (commit)
      from  4fb3c8e5a7fc6a1568f54bcc0be17fecf75e0742 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit c4f9af49f228df59c218381a25fa3c0f93ccbeae
Author: Christian Grothoff <christian at grothoff.org>
Date:   Mon Nov 11 16:04:30 2013 +0100

    ecc: Fix some memory leaks
    
    * cipher/ecc-curves.c (_gcry_mpi_ec_new): Free ec->b before assigning.
    * cipher/ecc.c (nist_generate_key): Release Q.
    * cipher/ecc-eddsa.c (_gcry_ecc_eddsa_genkey): Ditto.
    --
    
    _gcry_mpi_ec_new: Fixing memory leak detected with valgrind; if 'b' is
    non-NULL, the code in ec_p_init (ec.c:379) already makes a copy of
    'b', so before we clobber ctx->b here, we need to at least release the
    old value (however, it would of course be nicer to not first make a
    copy of b in the first place, but this is the most localized change to
    get rid of the memory leak).
    
    nist_generate_key: Fixing rather obvious local leak; Q is first
    initialized, then used, copied into the result but never released.

diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c
index 8c63f6c..5815e55 100644
--- a/cipher/ecc-curves.c
+++ b/cipher/ecc-curves.c
@@ -867,6 +867,7 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx,
 
       if (b)
         {
+          mpi_free (ec->b);
           ec->b = b;
           b = NULL;
         }
diff --git a/cipher/ecc-eddsa.c b/cipher/ecc-eddsa.c
index b9e866d..92c0713 100644
--- a/cipher/ecc-eddsa.c
+++ b/cipher/ecc-eddsa.c
@@ -432,6 +432,7 @@ _gcry_ecc_eddsa_genkey (ECC_secret_key *sk, elliptic_curve_t *E, mpi_ec_t ctx,
   point_set (&sk->Q, &Q);
 
  leave:
+  point_free (&Q);
   gcry_mpi_release (a);
   gcry_mpi_release (x);
   gcry_mpi_release (y);
diff --git a/cipher/ecc.c b/cipher/ecc.c
index b9af185..9135b68 100644
--- a/cipher/ecc.c
+++ b/cipher/ecc.c
@@ -217,6 +217,7 @@ nist_generate_key (ECC_secret_key *sk, elliptic_curve_t *E, mpi_ec_t ctx,
       mpi_free (x);
   }
 
+  point_free (&Q);
   /* Now we can test our keys (this should never fail!).  */
   test_keys (sk, nbits - 64);
 

-----------------------------------------------------------------------

Summary of changes:
 cipher/ecc-curves.c |    1 +
 cipher/ecc-eddsa.c  |    1 +
 cipher/ecc.c        |    1 +
 3 files changed, 3 insertions(+)


hooks/post-receive
-- 
The GNU crypto library
http://git.gnupg.org

More information about the Gnupg-commits mailing list