diff options
author | Nick Mathewson <nickm@torproject.org> | 2016-03-28 10:06:05 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2016-03-28 10:21:41 -0400 |
commit | 1d315b28a21330863039ce27c1996e2a47544fc6 (patch) | |
tree | a1f376602c3ab13d54191d926decbe402965d915 /src | |
parent | fc877b3c9e437f097b73f1b3eee22fc66375ca88 (diff) | |
download | tor-1d315b28a21330863039ce27c1996e2a47544fc6.tar.gz tor-1d315b28a21330863039ce27c1996e2a47544fc6.zip |
Fix a memory leak in tor-gencert.
This way I can run chutney under asan.
Fixes part of 18672.
Diffstat (limited to 'src')
-rw-r--r-- | src/tools/tor-gencert.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/src/tools/tor-gencert.c b/src/tools/tor-gencert.c index 4e5e1dc590..c05066722a 100644 --- a/src/tools/tor-gencert.c +++ b/src/tools/tor-gencert.c @@ -402,6 +402,7 @@ key_to_string(EVP_PKEY *key) b = BIO_new(BIO_s_mem()); if (!PEM_write_bio_RSAPublicKey(b, rsa)) { crypto_log_errors(LOG_WARN, "writing public key to string"); + RSA_free(rsa); return NULL; } @@ -413,6 +414,7 @@ key_to_string(EVP_PKEY *key) result[buf->length] = 0; BUF_MEM_free(buf); + RSA_free(rsa); return result; } @@ -488,10 +490,13 @@ generate_certificate(void) tor_free(signing); /* Append a cross-certification */ + RSA *rsa = EVP_PKEY_get1_RSA(signing_key); r = RSA_private_encrypt(DIGEST_LEN, (unsigned char*)id_digest, (unsigned char*)signature, - EVP_PKEY_get1_RSA(signing_key), + rsa, RSA_PKCS1_PADDING); + RSA_free(rsa); + signed_len = strlen(buf); base64_encode(buf+signed_len, sizeof(buf)-signed_len, signature, r, BASE64_ENCODE_MULTILINE); @@ -503,10 +508,12 @@ generate_certificate(void) signed_len = strlen(buf); SHA1((const unsigned char*)buf,signed_len,(unsigned char*)digest); + rsa = EVP_PKEY_get1_RSA(identity_key); r = RSA_private_encrypt(DIGEST_LEN, (unsigned char*)digest, (unsigned char*)signature, - EVP_PKEY_get1_RSA(identity_key), + rsa, RSA_PKCS1_PADDING); + RSA_free(rsa); strlcat(buf, "-----BEGIN SIGNATURE-----\n", sizeof(buf)); signed_len = strlen(buf); base64_encode(buf+signed_len, sizeof(buf)-signed_len, signature, r, |