[git] GCRYPT - branch, LIBGCRYPT-1-6-BRANCH, updated. libgcrypt-1.6.5-2-g72b0d74

by NIIBE Yutaka cvs at cvs.gnupg.org
Wed Feb 10 09:50:58 CET 2016 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".

The branch, LIBGCRYPT-1-6-BRANCH has been updated
       via  72b0d74103fef216479f97f9d5fe23e95f6b3ccc (commit)
      from  929495541b6b737585a1ba620adbd2789b2cf65f (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 72b0d74103fef216479f97f9d5fe23e95f6b3ccc
Author: NIIBE Yutaka <gniibe at fsij.org>
Date:   Wed Feb 10 17:39:14 2016 +0900

    ecc: Fix memory leaks on error.
    
    * cipher/ecc.c (ecc_generate): Go to leave to release memory.
    (ecc_check_secret_key, ecc_sign, ecc_verify): Likewise.
    (ecc_encrypt_raw, ecc_decrypt_raw): Likewise.
    * mpi/ec.c (_gcry_mpi_ec_curve_point): Likewise.
    
    --
    
    Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>

diff --git a/cipher/ecc.c b/cipher/ecc.c
index 9b05d46..29d1d33 100644
--- a/cipher/ecc.c
+++ b/cipher/ecc.c
@@ -467,10 +467,12 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
 
   /* NBITS is required if no curve name has been given.  */
   if (!nbits && !curve_name)
-    return GPG_ERR_NO_OBJ; /* No NBITS parameter. */
+    {
+      rc = GPG_ERR_NO_OBJ; /* No NBITS parameter. */
+      goto leave;
+    }
 
   rc = _gcry_ecc_fill_in_curve (nbits, curve_name, &E, &nbits);
-  xfree (curve_name); curve_name = NULL;
   if (rc)
     goto leave;
 
@@ -513,7 +515,7 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
                                         !!(flags & PUBKEY_FLAG_COMP),
                                         &encpk, &encpklen);
       if (rc)
-        return rc;
+        goto leave;
       public = mpi_new (0);
       mpi_set_opaque (public, encpk, encpklen*8);
       encpk = NULL;
@@ -609,6 +611,7 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
   _gcry_mpi_ec_free (ctx);
   sexp_release (curve_flags);
   sexp_release (curve_info);
+  xfree (curve_name);
   return rc;
 }
 
@@ -660,7 +663,7 @@ ecc_check_secret_key (gcry_sexp_t keyparms)
                                              &sk.E.p, &sk.E.a, &sk.E.b,
                                              &mpi_g, &sk.E.n);
           if (rc)
-            return rc;
+            goto leave;
         }
     }
   if (mpi_g)
@@ -800,7 +803,7 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
         {
           rc = _gcry_ecc_fill_in_curve (0, curvename, &sk.E, NULL);
           if (rc)
-            return rc;
+            goto leave;
         }
     }
   /* Guess required fields if a curve parameter has not been given.
@@ -964,7 +967,7 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
         {
           rc = _gcry_ecc_fill_in_curve (0, curvename, &pk.E, NULL);
           if (rc)
-            return rc;
+            goto leave;
         }
     }
   /* Guess required fields if a curve parameter has not been given.
@@ -1171,7 +1174,7 @@ ecc_encrypt_raw (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms)
         {
           rc = _gcry_ecc_fill_in_curve (0, curvename, &pk.E, NULL);
           if (rc)
-            return rc;
+            goto leave;
         }
     }
   /* Guess required fields if a curve parameter has not been given.  */
@@ -1338,7 +1341,7 @@ ecc_decrypt_raw (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
         {
           rc = _gcry_ecc_fill_in_curve (0, curvename, &sk.E, NULL);
           if (rc)
-            return rc;
+            goto leave;
         }
     }
   /* Guess required fields if a curve parameter has not been given.  */
@@ -1375,8 +1378,7 @@ ecc_decrypt_raw (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
   rc = _gcry_ecc_os2ec (&kG, data_e);
   if (rc)
     {
-      point_free (&kG);
-      return rc;
+      goto leave;
     }
 
   ec = _gcry_mpi_ec_p_internal_new (sk.E.model, sk.E.dialect, 0,
@@ -1384,8 +1386,8 @@ ecc_decrypt_raw (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
 
   if (!_gcry_mpi_ec_curve_point (&kG, ec))
     {
-      point_free (&kG);
-      return GPG_ERR_INV_DATA;
+      rc = GPG_ERR_INV_DATA;
+      goto leave;
     }
 
   /* R = dkG */
diff --git a/mpi/ec.c b/mpi/ec.c
index cb4113c..c14b728 100644
--- a/mpi/ec.c
+++ b/mpi/ec.c
@@ -1255,7 +1255,7 @@ _gcry_mpi_ec_curve_point (gcry_mpi_point_t point, mpi_ec_t ctx)
   w = mpi_new (0);
 
   if (_gcry_mpi_ec_get_affine (x, y, point, ctx))
-    return 0;
+    goto leave;
 
   switch (ctx->model)
     {
@@ -1304,6 +1304,7 @@ _gcry_mpi_ec_curve_point (gcry_mpi_point_t point, mpi_ec_t ctx)
       break;
     }
 
+ leave:
   _gcry_mpi_release (w);
   _gcry_mpi_release (x);
   _gcry_mpi_release (y);

-----------------------------------------------------------------------

Summary of changes:
 cipher/ecc.c | 26 ++++++++++++++------------
 mpi/ec.c     |  3 ++-
 2 files changed, 16 insertions(+), 13 deletions(-)


hooks/post-receive
-- 
The GNU crypto library
http://git.gnupg.org

More information about the Gnupg-commits mailing list