summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorElio Maldonado Batiz <emaldona@redhat.com>2009-05-19 12:23:14 -0400
committerRob Crittenden <rcritten@redhat.com>2009-06-29 10:28:32 -0400
commit6f7f653c5dc2deca95d3453d706ddc4c2eb46e70 (patch)
tree9c3d794bce886adea45790bf503f08410a9bee3a
parent68e1f0edb82cb86f42bcae0fc87d7aa800f255ee (diff)
downloadpemnss-6f7f653c5dc2deca95d3453d706ddc4c2eb46e70.zip
pemnss-6f7f653c5dc2deca95d3453d706ddc4c2eb46e70.tar.gz
pemnss-6f7f653c5dc2deca95d3453d706ddc4c2eb46e70.tar.xz
Fix leaks in make_key and md_SessionLogin plus error codes
Resolves 501191
-rw-r--r--psession.c19
1 files changed, 15 insertions, 4 deletions
diff --git a/psession.c b/psession.c
index aa9cfe1..2eefcbc 100644
--- a/psession.c
+++ b/psession.c
@@ -93,7 +93,7 @@ make_key(const unsigned char *salt, const unsigned char *data, int len,
MD5Context *Md5Ctx = MD5_NewContext();
unsigned int digestLen;
int count, i;
- char H[25];
+ unsigned char H[25];
nkey = 24;
count = 0;
@@ -114,6 +114,7 @@ make_key(const unsigned char *salt, const unsigned char *data, int len,
}
count++;
}
+ MD5_DestroyContext(Md5Ctx, PR_TRUE);
return 24;
}
@@ -323,7 +324,7 @@ pem_mdSession_Login
arena = PORT_NewArena(2048);
if (!arena) {
- goto loser;
+ return CKR_HOST_MEMORY;
}
plog("pem_mdSession_Login '%s'\n", (char *) pin->data);
@@ -347,9 +348,17 @@ pem_mdSession_Login
output =
(unsigned char *) nss_ZAlloc(NULL,
(io->u.key.key.privateKey->len + 1));
+ if (!output) {
+ rv = CKR_HOST_MEMORY;
+ goto loser;
+ }
cx = DES_CreateContext((const unsigned char *) mykey, iv,
io->u.key.cipher, PR_FALSE);
+ if (!cx) {
+ rv = CKR_HOST_MEMORY;
+ goto loser;
+ }
rv = DES_Decrypt(cx, output, &len, io->u.key.key.privateKey->len,
io->u.key.key.privateKey->data,
@@ -361,12 +370,14 @@ pem_mdSession_Login
iv = NULL;
}
if (rv != SECSuccess) {
+ rv = CKR_PIN_INCORRECT;
goto loser;
}
lpk = (NSSLOWKEYPrivateKey *) nss_ZAlloc(NULL,
sizeof (NSSLOWKEYPrivateKey));
if (lpk == NULL) {
+ rv = CKR_HOST_MEMORY;
goto loser;
}
@@ -391,7 +402,7 @@ pem_mdSession_Login
if (rv != SECSuccess)
goto loser;
- return CKR_OK;
+ rv = CKR_OK;
loser:
if (arena)
@@ -400,7 +411,7 @@ pem_mdSession_Login
free(iv);
nss_ZFreeIf(output);
- return CKR_PIN_INCORRECT;
+ return rv;
}
NSS_IMPLEMENT NSSCKMDSession *