mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 14:35:26 +00:00
Code Issues Releases Wiki Activity

Address potential memory leak in openssldh_parse()

Browse Source 
'dh' was being assigned to key->keydata.dh too soon which could
result in a memory leak on error.  Moved the assignement of
key->keydata.dh until after dh was correct.

Coverity was reporting dead code on the error path cleaning up 'dh'
which triggered this review.
This commit is contained in:
Mark Andrews
2021-11-01 11:13:43 +11:00
parent dfd040a5aa
commit 573a5858fa
1 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
lib/dns/openssldh_link.c
View File

@@ -1116,8 +1116,6 @@ openssldh_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
DST_RET(ISC_R_NOMEMORY);
}
DH_clear_flags(dh, DH_FLAG_CACHE_MONT_P);
key->keydata.dh = dh;
dh = NULL;
#else
bld = OSSL_PARAM_BLD_new();
if (bld == NULL) {
@@ -1155,11 +1153,11 @@ openssldh_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
}
#if OPENSSL_VERSION_NUMBER < 0x30000000L
if (DH_set0_key(key->keydata.dh, pub_key, priv_key) != 1) {
if (DH_set0_key(dh, pub_key, priv_key) != 1) {
DST_RET(dst__openssl_toresult2("DH_set0_key",
DST_R_OPENSSLFAILURE));
}
if (DH_set0_pqg(key->keydata.dh, p, NULL, g) != 1) {
if (DH_set0_pqg(dh, p, NULL, g) != 1) {
DST_RET(dst__openssl_toresult2("DH_set0_pqg",
DST_R_OPENSSLFAILURE));
}
@@ -1169,6 +1167,9 @@ openssldh_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
priv_key = NULL;
p = NULL;
g = NULL;
key->keydata.dh = dh;
dh = NULL;
#else
if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub_key) !=
1 ||