[PATCH 1/2] unit: fix memory leak in test-dpp

[PATCH 1/2] unit: fix memory leak in test-dpp

[James Prestwood]

---
 unit/test-dpp.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/unit/test-dpp.c b/unit/test-dpp.c
index 781d494a..0a4fd01f 100644
--- a/unit/test-dpp.c
+++ b/unit/test-dpp.c
@@ -331,8 +331,10 @@ static void test_key_derivation(const void *data)
 
 	if (vector->i_asn1) {
 		HEX2BUF(vector->i_asn1, tmp, sizeof(tmp));
+		l_free(asn1);
 		asn1 = dpp_point_to_asn1(i_boot_public, &asn1_len);
 
+		l_free(from_asn1);
 		from_asn1 = dpp_point_from_asn1(asn1, asn1_len);
 
 		assert(l_ecc_points_are_equal(from_asn1, i_boot_public));
-- 
2.34.1

[PATCH 2/2] crypto: fix uninitialized variable coverity warning

[James Prestwood]

For some encrypt operations DPP passes no AD iovecs (both are
NULL/0). But since the iovec itself is on the stack 'ad' is a
valid pointer from within aes_siv_encrypt. This causes memcpy
to be called which coverity complains about. Since the copy
length is zero it was effectively a no-op, but check num_ad to
prevent the call.
---
 src/crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/crypto.c b/src/crypto.c
index 3128b2a5..7235e3c2 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -331,7 +331,7 @@ bool aes_siv_encrypt(const void *key, size_t key_len, const void *in,
 	struct iovec iov[num_ad + 1];
 	uint8_t v[16];
 
-	if (ad)
+	if (ad && num_ad)
 		memcpy(iov, ad, sizeof(struct iovec) * num_ad);
 
 	iov[num_ad].iov_base = (void *)in;
-- 
2.34.1

Re: [PATCH 1/2] unit: fix memory leak in test-dpp

[Denis Kenzior]

Hi James,

On 2/27/24 13:35, James Prestwood wrote:
> ---
>   unit/test-dpp.c | 2 ++
>   1 file changed, 2 insertions(+)
> 

Both applied, thanks.

Regards,
-Denis