[Qemu-devel] [PATCHv2] cipher: fix leak on initialization error

[Qemu-devel] [PATCHv2] cipher: fix leak on initialization error

[Marc-André Lureau]

On error path, ctx may be leaked. Assign ctx earlier, and call
qcrypto_cipher_free() on error.

Spotted thanks to ASAN.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
---
 crypto/cipher-nettle.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c
index cd094cd..5798910 100644
--- a/crypto/cipher-nettle.c
+++ b/crypto/cipher-nettle.c
@@ -254,6 +254,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
     cipher->mode = mode;
 
     ctx = g_new0(QCryptoCipherNettle, 1);
+    cipher->opaque = ctx;
 
     switch (alg) {
     case QCRYPTO_CIPHER_ALG_DES_RFB:
@@ -384,13 +385,11 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
     }
 
     ctx->iv = g_new0(uint8_t, ctx->blocksize);
-    cipher->opaque = ctx;
 
     return cipher;
 
  error:
-    g_free(cipher);
-    g_free(ctx);
+    qcrypto_cipher_free(cipher);
     return NULL;
 }
 
-- 
2.10.0

Re: [Qemu-devel] [PATCHv2] cipher: fix leak on initialization error

[Daniel P. Berrange]

On Wed, Nov 09, 2016 at 02:28:18PM +0400, Marc-André Lureau wrote:
> On error path, ctx may be leaked. Assign ctx earlier, and call
> qcrypto_cipher_free() on error.
> 
> Spotted thanks to ASAN.
> 
> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
> ---
>  crypto/cipher-nettle.c | 5 ++---
>  1 file changed, 2 insertions(+), 3 deletions(-)

Thanks, queued on my crypto-next branch


Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://entangle-photo.org       -o-    http://search.cpan.org/~danberr/ :|