[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug-recutils] [PATCH] libgcrypt cipher handle leaks
From: |
Daiki Ueno |
Subject: |
[bug-recutils] [PATCH] libgcrypt cipher handle leaks |
Date: |
Mon, 02 Apr 2012 12:52:20 +0900 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.0.94 (gnu/linux) |
Hi,
I noticed libgcrypt cipher handle leaks in rec-crypt.c (patch attached).
BTW, maybe good to use random IV instead of static ones, to avoid the
same cipher text being generated from the same key / plain text
combination?
>From b1b50b2fa41be60d6838418b7f55de509f0663d1 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <address@hidden>
Date: Mon, 2 Apr 2012 12:17:58 +0900
Subject: [PATCH] Fix libgcrypt cipher handle leak.
---
src/rec-crypt.c | 20 ++++++++++++++++++--
1 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/src/rec-crypt.c b/src/rec-crypt.c
index 6407fad..e989257 100644
--- a/src/rec-crypt.c
+++ b/src/rec-crypt.c
@@ -115,6 +115,7 @@ rec_encrypt (char *in,
if (gcry_cipher_setkey (handler, key, AESV2_KEYSIZE)
!= GPG_ERR_NO_ERROR)
{
+ gcry_cipher_close (handler);
return false;
}
@@ -122,7 +123,12 @@ rec_encrypt (char *in,
{
iv[i] = i;
}
- gcry_cipher_setiv (handler, iv, AESV2_BLKSIZE);
+ if (gcry_cipher_setiv (handler, iv, AESV2_BLKSIZE)
+ != GPG_ERR_NO_ERROR)
+ {
+ gcry_cipher_close (handler);
+ return false;
+ }
/* Encrypt the data. */
*out_size = real_in_size;
@@ -135,6 +141,7 @@ rec_encrypt (char *in,
real_in_size) != 0)
{
/* Error. */
+ gcry_cipher_close (handler);
return false;
}
@@ -183,6 +190,7 @@ rec_decrypt (char *in,
!= GPG_ERR_NO_ERROR)
{
printf ("error setting key\n");
+ gcry_cipher_close (handler);
return false;
}
@@ -190,7 +198,12 @@ rec_decrypt (char *in,
{
iv[i] = i;
}
- gcry_cipher_setiv (handler, iv, AESV2_BLKSIZE);
+ if (gcry_cipher_setiv (handler, iv, AESV2_BLKSIZE)
+ != GPG_ERR_NO_ERROR)
+ {
+ gcry_cipher_close (handler);
+ return false;
+ }
/* Decrypt the data. */
*out_size = in_size;
@@ -202,6 +215,7 @@ rec_decrypt (char *in,
in_size) != 0)
{
/* Error. */
+ gcry_cipher_close (handler);
return false;
}
@@ -219,6 +233,7 @@ rec_decrypt (char *in,
if (crc32 (*out, strlen(*out) - 4) != crc)
{
+ gcry_cipher_close (handler);
return false;
}
@@ -226,6 +241,7 @@ rec_decrypt (char *in,
}
else
{
+ gcry_cipher_close (handler);
return false;
}
--
1.7.7.6
Regards,
--
Daiki Ueno
- [bug-recutils] [PATCH] libgcrypt cipher handle leaks,
Daiki Ueno <=