Linux-mtd Archive on lore.kernel.org
 help / color / Atom feed
From: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
To: linux-mtd@lists.infradead.org
Cc: richard@nod.at, David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Subject: [PATCH 05/15] mkfs.ubifs: don't leak temporary buffers
Date: Sun, 10 Nov 2019 16:30:49 +0100
Message-ID: <20191110153059.28878-6-david.oberhollenzer@sigma-star.at> (raw)
In-Reply-To: <20191110153059.28878-1-david.oberhollenzer@sigma-star.at>

Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
---
 ubifs-utils/mkfs.ubifs/crypto.c  |  9 ++++++---
 ubifs-utils/mkfs.ubifs/fscrypt.c | 18 +++++++++++++++---
 2 files changed, 21 insertions(+), 6 deletions(-)

diff --git a/ubifs-utils/mkfs.ubifs/crypto.c b/ubifs-utils/mkfs.ubifs/crypto.c
index d31bd2a..19c445e 100644
--- a/ubifs-utils/mkfs.ubifs/crypto.c
+++ b/ubifs-utils/mkfs.ubifs/crypto.c
@@ -118,23 +118,26 @@ static ssize_t gen_essiv_salt(const void *iv, size_t iv_len, const void *key, si
 	cipher = EVP_aes_256_ecb();
 	if (!cipher) {
 		errmsg("OpenSSL: Cipher AES-256-ECB is not supported");
-		return -1;
+		goto fail;
 	}
 
 	if (do_hash(EVP_sha256(), key, key_len, sha256) != 0) {
 		errmsg("sha256 failed");
-		return -1;
+		goto fail;
 	}
 
 	ret = do_encrypt(cipher, iv, iv_len, sha256, EVP_MD_size(EVP_sha256()), NULL, 0, salt);
 	if (ret != iv_len) {
 		errmsg("Unable to compute ESSIV salt, return value %zi instead of %zi", ret, iv_len);
-		return -1;
+		goto fail;
 	}
 
 	free(sha256);
 
 	return ret;
+fail:
+	free(sha256);
+	return -1;
 }
 
 static ssize_t encrypt_block(const void *plaintext, size_t size,
diff --git a/ubifs-utils/mkfs.ubifs/fscrypt.c b/ubifs-utils/mkfs.ubifs/fscrypt.c
index 118c11c..b75bdf7 100644
--- a/ubifs-utils/mkfs.ubifs/fscrypt.c
+++ b/ubifs-utils/mkfs.ubifs/fscrypt.c
@@ -106,13 +106,19 @@ int encrypt_path(void **outbuf, void *data, unsigned int data_len,
 	memcpy(inbuf, data, data_len);
 
 	crypt_key = calc_fscrypt_subkey(fctx);
-	if (!crypt_key)
+	if (!crypt_key) {
+		free(inbuf);
+		free(*outbuf);
 		return err_msg("could not compute subkey");
+	}
 
 	ret = fscrypt_cipher->encrypt_fname(inbuf, cryptlen,
 					    crypt_key, *outbuf);
-	if (ret < 0)
+	if (ret < 0) {
+		free(inbuf);
+		free(*outbuf);
 		return err_msg("could not encrypt filename");
+	}
 
 	free(crypt_key);
 	free(inbuf);
@@ -133,13 +139,19 @@ int encrypt_data_node(struct fscrypt_context *fctx, unsigned int block_no,
 	memcpy(inbuf, &dn->data, length);
 
 	crypt_key = calc_fscrypt_subkey(fctx);
-	if (!crypt_key)
+	if (!crypt_key) {
+		free(inbuf);
+		free(outbuf);
 		return err_msg("could not compute subkey");
+	}
 
 	ret = fscrypt_cipher->encrypt_block(inbuf, pad_len,
 					    crypt_key, block_no,
 					    outbuf);
 	if (ret != pad_len) {
+		free(inbuf);
+		free(outbuf);
+		free(crypt_key);
 		return err_msg("encrypt_block returned %zi "
 				"instead of %zi", ret, pad_len);
 	}
-- 
2.21.0


______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/

  parent reply index

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-11-10 15:30 [PATCH 00/15] mtd-utils: cleanup resource leaks David Oberhollenzer
2019-11-10 15:30 ` [PATCH 01/15] mkfs.ubifs: close file descriptor in add_file error path David Oberhollenzer
2019-11-10 15:30 ` [PATCH 02/15] mkfs.ubifs: don't leak copied command line arguments David Oberhollenzer
2019-11-10 15:30 ` [PATCH 03/15] mkfs.ubifs: free derived fscrypt context in add_directory error paths David Oberhollenzer
2019-11-10 15:30 ` [PATCH 04/15] mkfs.ubifs: don't leak hastable iterators David Oberhollenzer
2019-11-10 15:30 ` David Oberhollenzer [this message]
2019-11-10 15:30 ` [PATCH 06/15] mkfs.ubifs: propperly cleanup in ALL interpret_table_entry error paths David Oberhollenzer
2019-11-10 15:30 ` [PATCH 07/15] mkfs.jffs2: don't leak temporary buffer if readlink fails David Oberhollenzer
2019-11-10 15:30 ` [PATCH 08/15] libmtd: don't leak temporary buffers David Oberhollenzer
2019-11-10 15:30 ` [PATCH 09/15] ftl_check: " David Oberhollenzer
2019-11-10 15:30 ` [PATCH 10/15] ftl_format: " David Oberhollenzer
2019-11-10 15:30 ` [PATCH 11/15] ubiformat: don't leak file descriptors David Oberhollenzer
2019-11-10 15:30 ` [PATCH 12/15] nanddump: don't leak copied command line arguments David Oberhollenzer
2019-11-10 15:30 ` [PATCH 13/15] mtd_debug: cleanup error handling in flash_to_file David Oberhollenzer
2019-11-10 15:30 ` [PATCH 14/15] jittertest: fix error check for open system call David Oberhollenzer
2019-11-10 15:30 ` [PATCH 15/15] fs-tests: don't leak temporary buffers David Oberhollenzer

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20191110153059.28878-6-david.oberhollenzer@sigma-star.at \
    --to=david.oberhollenzer@sigma-star.at \
    --cc=linux-mtd@lists.infradead.org \
    --cc=richard@nod.at \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-mtd Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-mtd/0 linux-mtd/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-mtd linux-mtd/ https://lore.kernel.org/linux-mtd \
		linux-mtd@lists.infradead.org
	public-inbox-index linux-mtd

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.infradead.lists.linux-mtd


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git