Fixed double free in SKE library error handling.

author Pekka Riikonen <priikone@silcnet.org>

Wed, 11 Dec 2002 09:03:04 +0000 (09:03 +0000)

committer Pekka Riikonen <priikone@silcnet.org>

Wed, 11 Dec 2002 09:03:04 +0000 (09:03 +0000)
author Pekka Riikonen <priikone@silcnet.org>
Wed, 11 Dec 2002 09:03:04 +0000 (09:03 +0000)
committer Pekka Riikonen <priikone@silcnet.org>
Wed, 11 Dec 2002 09:03:04 +0000 (09:03 +0000)
diff --git a/CHANGES b/CHANGES

index fb53fc93d2ca1964665f4a44a79ed91fcd99a420..b7660c4d41c0a0b82b7159338f02b9ed11e13b2f 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,8 @@
+Wed Dec 11 10:01:26 CET 2002 Pekka Riikonen <priikone@silcnet.org>
+
+       * Fixed double free in SKE library error hadling when signature
+         error occurred.  Affected file lib/silcske/silcske.c.
+
  Tue Dec 10 21:47:56 EET 2002  Pekka Riikonen <priikone@silcnet.org>
  
         * Fixed double free in invite list adding code when adding
diff --git a/lib/silcske/silcske.c b/lib/silcske/silcske.c

index 4fd34f780c840b044f56b68d95f36f7f02c30774..9388324c54edd1eda226cdc27ba6a65711e0f8c7 100644 (file)
--- a/lib/silcske/silcske.c
+++ b/lib/silcske/silcske.c
@@ -389,6 +389,7 @@ SilcSKEStatus silc_ske_initiator_phase_2(SilcSKE ske,
        silc_free(x);
        silc_mp_uninit(&payload->x);
        silc_free(payload);
+      ske->ke1_payload = NULL;
        ske->status = SILC_SKE_STATUS_OK;
        return ske->status;
      }
@@ -398,7 +399,7 @@ SilcSKEStatus silc_ske_initiator_phase_2(SilcSKE ske,
  
    /* Compute signature data if we are doing mutual authentication */
    if (private_key && ske->start_payload->flags & SILC_SKE_SP_FLAG_MUTUAL) {
-    unsigned char hash[32], sign[2048];
+    unsigned char hash[32], sign[2048 + 1];
      SilcUInt32 hash_len, sign_len;
  
      SILC_LOG_DEBUG(("We are doing mutual authentication"));
@@ -420,6 +421,7 @@ SilcSKEStatus silc_ske_initiator_phase_2(SilcSKE ske,
        silc_mp_uninit(&payload->x);
        silc_free(payload->pk_data);
        silc_free(payload);
+      ske->ke1_payload = NULL;
        ske->status = SILC_SKE_STATUS_SIGNATURE_ERROR;
        return ske->status;
      }
@@ -435,7 +437,9 @@ SilcSKEStatus silc_ske_initiator_phase_2(SilcSKE ske,
      silc_free(x);
      silc_mp_uninit(&payload->x);
      silc_free(payload->pk_data);
+    silc_free(payload->sign_data);
      silc_free(payload);
+    ske->ke1_payload = NULL;
      ske->status = status;
      return status;
    }
@@ -1016,7 +1020,7 @@ SilcSKEStatus silc_ske_responder_finish(SilcSKE ske,
    SilcSKEStatus status = SILC_SKE_STATUS_OK;
    SilcBuffer payload_buf;
    SilcMPInt *KEY;
-  unsigned char hash[32], sign[2048], *pk;
+  unsigned char hash[32], sign[2048 + 1], *pk;
    SilcUInt32 hash_len, sign_len, pk_len;
  
    SILC_LOG_DEBUG(("Start"));
author	Pekka Riikonen <priikone@silcnet.org>
	Wed, 11 Dec 2002 09:03:04 +0000 (09:03 +0000)
committer	Pekka Riikonen <priikone@silcnet.org>
	Wed, 11 Dec 2002 09:03:04 +0000 (09:03 +0000)
CHANGES		patch \| blob \| history
lib/silcske/silcske.c		patch \| blob \| history