Cleaned up location of init and free for some programs to prevent memory

leaks on incorrect arguments
2025-12-24 08:16:33 +01:00 · 2014-04-17 16:02:36 +02:00 · 2014-04-17 16:02:36 +02:00 · 0c22610693
commit 0c22610693
parent cbe3d0d5cc
19 changed files with 95 additions and 48 deletions
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@ -277,8 +277,10 @@ exit:
    }
 #endif

+    if( server_fd != -1 )
+        net_close( server_fd );
+
    x509_crt_free( &cacert );
-    net_close( server_fd );
    ssl_free( &ssl );
    entropy_free( &entropy );

--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@ -108,6 +108,12 @@ int main( int argc, char *argv[] )
    ((void) argc);
    ((void) argv);

+    memset( &ssl, 0, sizeof(ssl_context) );
+
+    entropy_init( &entropy );
+    pk_init( &pkey );
+    x509_crt_init( &srvcert );
+
    signal( SIGCHLD, SIG_IGN );

    /*
@ -116,7 +122,6 @@ int main( int argc, char *argv[] )
    printf( "\n  . Initial seeding of the random generator..." );
    fflush( stdout );

-    entropy_init( &entropy );
    if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
                               (const unsigned char *) pers,
                               strlen( pers ) ) ) != 0 )
@ -133,8 +138,6 @@ int main( int argc, char *argv[] )
    printf( "  . Loading the server cert. and key..." );
    fflush( stdout );

-    x509_crt_init( &srvcert );
-
    /*
     * This demonstration program uses embedded test certificates.
     * Instead, you may want to use x509_crt_parse_file() to read the
@ -156,7 +159,6 @@ int main( int argc, char *argv[] )
        goto exit;
    }

-    pk_init( &pkey );
    ret =  pk_parse_key( &pkey, (const unsigned char *) test_srv_key,
                          strlen( test_srv_key ), NULL, 0 );
    if( ret != 0 )
@ -246,7 +248,7 @@ int main( int argc, char *argv[] )
            printf( " failed\n  ! ctr_drbg_reseed returned %d\n", ret );
            goto exit;
        }
-        
+
        if( ( ret = ssl_init( &ssl ) ) != 0 )
        {
            printf( " failed\n  ! ssl_init returned %d\n\n", ret );
@ -360,7 +362,9 @@ int main( int argc, char *argv[] )

 exit:

-    net_close( client_fd );
+    if( client_fd != -1 )
+        net_close( client_fd );
+
    x509_crt_free( &srvcert );
    pk_free( &pkey );
    ssl_free( &ssl );
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@ -100,9 +100,13 @@ int main( int argc, char *argv[] )
    ((void) argc);
    ((void) argv);

+    memset( &ssl, 0, sizeof(ssl_context) );
 #if defined(POLARSSL_SSL_CACHE_C)
    ssl_cache_init( &cache );
 #endif
+    x509_crt_init( &srvcert );
+    pk_init( &pkey );
+    entropy_init( &entropy );

    /*
     * 1. Load the certificates and private RSA key
@ -110,8 +114,6 @@ int main( int argc, char *argv[] )
    printf( "\n  . Loading the server cert. and key..." );
    fflush( stdout );

-    x509_crt_init( &srvcert );
-
    /*
     * This demonstration program uses embedded test certificates.
     * Instead, you may want to use x509_crt_parse_file() to read the
@ -133,7 +135,6 @@ int main( int argc, char *argv[] )
        goto exit;
    }

-    pk_init( &pkey );
    ret =  pk_parse_key( &pkey, (const unsigned char *) test_srv_key,
                         strlen( test_srv_key ), NULL, 0 );
    if( ret != 0 )
@ -164,7 +165,6 @@ int main( int argc, char *argv[] )
    printf( "  . Seeding the random number generator..." );
    fflush( stdout );

-    entropy_init( &entropy );
    if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
                               (const unsigned char *) pers,
                               strlen( pers ) ) ) != 0 )
@ -352,7 +352,9 @@ exit:
    }
 #endif

-    net_close( client_fd );
+    if( client_fd != -1 )
+        net_close( client_fd );
+
    x509_crt_free( &srvcert );
    pk_free( &pkey );
    ssl_free( &ssl );
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@ -339,30 +339,44 @@ sni_entry *sni_parse( char *sni_string )

        if( ( new->cert = polarssl_malloc( sizeof( x509_crt ) ) ) == NULL ||
            ( new->key = polarssl_malloc( sizeof( pk_context ) ) ) == NULL )
-            return( NULL );
+        {
+            cur = NULL;
+            goto exit;
+        }

        x509_crt_init( new->cert );
        pk_init( new->key );

        new->name = p;
-        while( *p != ',' ) if( ++p > end ) return( NULL );
+        while( *p != ',' ) if( ++p > end ) { cur = NULL; goto exit; }
        *p++ = '\0';

        crt_file = p;
-        while( *p != ',' ) if( ++p > end ) return( NULL );
+        while( *p != ',' ) if( ++p > end ) { cur = NULL; goto exit; }
        *p++ = '\0';

        key_file = p;
-        while( *p != ',' ) if( ++p > end ) return( NULL );
+        while( *p != ',' ) if( ++p > end ) { cur = NULL; goto exit; }
        *p++ = '\0';

        if( x509_crt_parse_file( new->cert, crt_file ) != 0 ||
            pk_parse_keyfile( new->key, key_file, "" ) != 0 )
-            return( NULL );
+        {
+            cur = NULL;
+            goto exit;
+        }

        new->next = cur;
        cur = new;
+        new = NULL;
+    }

+exit:
+    if( new != NULL )
+    {
+        x509_crt_free( new->cert);
+        pk_free( new->key );
+        polarssl_free( new );
    }

    return( cur );
@ -1345,7 +1359,9 @@ exit:
    }
 #endif

-    net_close( client_fd );
+    if( client_fd != -1 )
+        net_close( client_fd );
+
 #if defined(POLARSSL_X509_CRT_PARSE_C)
    x509_crt_free( &cacert );
    x509_crt_free( &srvcert );