Leak less memory. [rsc] --rw-rw-r-- M 249245 glenda sys 54895 Sep 17 11:38 sys/src/libsec/port/tlshand.c /n/sourcesdump/2005/0917/plan9/sys/src/libsec/port/tlshand.c:2068,2076 - /n/sourcesdump/2005/0918/plan9/sys/src/libsec/port/tlshand.c:2068,2079 uchar *a; Bytes* ans; + a = nil; n = (mpsignif(big)+7)/8; m = mptobe(big, nil, n, &a); ans = makebytes(a, m); + if(a != nil) + free(a); return ans; } [rsc] --rw-rw-r-- M 249245 glenda sys 50653 Sep 17 11:39 sys/src/libsec/port/x509.c /n/sourcesdump/2005/0917/plan9/sys/src/libsec/port/x509.c:1459,1465 - /n/sourcesdump/2005/0918/plan9/sys/src/libsec/port/x509.c:1459,1465 freeints(v->u.objidval); break; case VString: - if (v->u.stringval) + if(v->u.stringval) free(v->u.stringval); break; case VSeq: /n/sourcesdump/2005/0917/plan9/sys/src/libsec/port/x509.c:1466,1472 - /n/sourcesdump/2005/0918/plan9/sys/src/libsec/port/x509.c:1466,1472 el = v->u.seqval; for(l = el; l != nil; l = l->tl) freevalfields(&l->hd.val); - if (el) + if(el) freeelist(el); break; case VSet: /n/sourcesdump/2005/0917/plan9/sys/src/libsec/port/x509.c:1473,1479 - /n/sourcesdump/2005/0918/plan9/sys/src/libsec/port/x509.c:1473,1479 el = v->u.setval; for(l = el; l != nil; l = l->tl) freevalfields(&l->hd.val); - if (el) + if(el) freeelist(el); break; } /n/sourcesdump/2005/0917/plan9/sys/src/libsec/port/x509.c:1598,1604 - /n/sourcesdump/2005/0918/plan9/sys/src/libsec/port/x509.c:1598,1604 static void freecert(CertX509* c) { - if (!c) return; + if(!c) return; if(c->issuer != nil) free(c->issuer); if(c->validity_start != nil) /n/sourcesdump/2005/0917/plan9/sys/src/libsec/port/x509.c:1609,1614 - /n/sourcesdump/2005/0918/plan9/sys/src/libsec/port/x509.c:1609,1615 free(c->subject); freebytes(c->publickey); freebytes(c->signature); + free(c); } /* /n/sourcesdump/2005/0917/plan9/sys/src/libsec/port/x509.c:1831,1845 - /n/sourcesdump/2005/0918/plan9/sys/src/libsec/port/x509.c:1832,1849 decode_rsapubkey(Bytes* a) { Elem e; - Elist *el; + Elist *el, *l; mpint *mp; RSApub* key; + l = nil; key = rsapuballoc(); if(decode(a->data, a->len, &e) != ASN_OK) goto errret; if(!is_seq(&e, &el) || elistlen(el) != 2) goto errret; + + l = el; key->n = mp = asn1mpint(&el->hd); if(mp == nil) /n/sourcesdump/2005/0917/plan9/sys/src/libsec/port/x509.c:1849,1856 - /n/sourcesdump/2005/0918/plan9/sys/src/libsec/port/x509.c:1853,1865 key->ek = mp = asn1mpint(&el->hd); if(mp == nil) goto errret; + + if(l != nil) + freeelist(l); return key; errret: + if(l != nil) + freeelist(l); rsapubfree(key); return nil; } /n/sourcesdump/2005/0917/plan9/sys/src/libsec/port/x509.c:2003,2010 - /n/sourcesdump/2005/0918/plan9/sys/src/libsec/port/x509.c:2012,2022 p+length < p) return; info = p; - if(ber_decode(&p, pend, &elem) != ASN_OK || elem.tag.num != SEQUENCE) + if(ber_decode(&p, pend, &elem) != ASN_OK) return; + freevalfields(&elem.val); + if(elem.tag.num != SEQUENCE) + return; infolen = p - info; (*digestfun)(info, infolen, digest, nil); } /n/sourcesdump/2005/0917/plan9/sys/src/libsec/port/x509.c:2019,2025 - /n/sourcesdump/2005/0918/plan9/sys/src/libsec/port/x509.c:2031,2041 int buflen; mpint *pkcs1; int nlen; + char *err; + err = nil; + pkcs1buf = nil; + /* one less than the byte length of the modulus */ nlen = (mpsignif(pk->n)-1)/8; /n/sourcesdump/2005/0917/plan9/sys/src/libsec/port/x509.c:2029,2050 - /n/sourcesdump/2005/0918/plan9/sys/src/libsec/port/x509.c:2045,2079 pkcs1buf = nil; buflen = mptobe(pkcs1, nil, 0, &pkcs1buf); buf = pkcs1buf; - if(buflen != nlen || buf[0] != 1) - return "expected 1"; + if(buflen != nlen || buf[0] != 1) { + err = "expected 1"; + goto end; + } buf++; while(buf[0] == 0xff) buf++; - if(buf[0] != 0) - return "expected 0"; + if(buf[0] != 0) { + err = "expected 0"; + goto end; + } buf++; buflen -= buf-pkcs1buf; if(decode(buf, buflen, &e) != ASN_OK || !is_seq(&e, &el) || elistlen(el) != 2 || - !is_octetstring(&el->tl->hd, &digest)) - return "signature parse error"; + !is_octetstring(&el->tl->hd, &digest)) { + err = "signature parse error"; + goto end; + } *psigalg = &el->hd; if(memcmp(digest->data, edigest, digest->len) == 0) - return nil; - return "digests did not match"; + goto end; + err = "digests did not match"; + + end: + if(pkcs1 != nil) + mpfree(pkcs1); + if(pkcs1buf != nil) + free(pkcs1buf); + return err; } RSApub* [sys] --rwxrwxr-x M 249245 glenda sys 232667 Sep 17 23:09 386/bin/hget [sys] --rwxrwxr-x M 249245 glenda sys 471908 Sep 17 23:09 386/bin/vncs [sys] --rwxrwxr-x M 249245 glenda sys 518730 Sep 17 23:09 386/bin/vncv [sys] --rwxrwxr-x M 249245 glenda sys 272234 Sep 17 23:09 386/bin/ftpfs [sys] --rwxrwxr-x M 249245 glenda sys 349999 Sep 17 23:09 386/bin/webfs /sys/src/libsec/port/tlshand.c:mptobytes /sys/src/libsec/port/x509.c:decode_rsapubkey /sys/src/libsec/port/x509.c:digest_certinfo /sys/src/libsec/port/x509.c:freecert /sys/src/libsec/port/x509.c:verify_signature [sys] --rwxrwxr-x M 249245 rsc sys 119856 Sep 17 23:09 386/bin/auth/asn12rsa [sys] --rwxrwxr-x M 249245 rsc sys 179931 Sep 17 23:09 386/bin/auth/rsa2csr [sys] --rwxrwxr-x M 249245 rsc sys 183692 Sep 17 23:09 386/bin/auth/rsa2x509 /sys/src/libsec/port/x509.c:decode_rsapubkey /sys/src/libsec/port/x509.c:digest_certinfo /sys/src/libsec/port/x509.c:freecert /sys/src/libsec/port/x509.c:verify_signature [sys] --rwxrwxr-x M 249245 glenda sys 291029 Sep 17 23:09 386/bin/ip/httpd/httpd [sys] --rwxrwxr-x M 249245 rsc sys 197885 Sep 17 23:09 386/bin/tlsclient [sys] --rwxrwxr-x M 249245 glenda sys 198123 Sep 17 23:09 386/bin/tlssrv [sys] --rwxrwxr-x M 249245 glenda sys 333054 Sep 17 23:09 386/bin/upas/fs [sys] --rwxrwxr-x M 249245 glenda sys 260589 Sep 17 23:09 386/bin/upas/pop3 [sys] --rwxrwxr-x M 249245 glenda sys 274558 Sep 17 23:09 386/bin/upas/smtp [sys] --rwxrwxr-x M 249245 glenda sys 329607 Sep 17 23:09 386/bin/upas/smtpd /sys/src/libsec/port/tlshand.c:mptobytes /sys/src/libsec/port/x509.c:decode_rsapubkey /sys/src/libsec/port/x509.c:digest_certinfo /sys/src/libsec/port/x509.c:freecert /sys/src/libsec/port/x509.c:verify_signature [sys] --rw-rw-r-- M 249245 glenda sys 645922 Sep 17 23:09 386/lib/libsec.a