yggdrasil/ring
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

RESOURCE_LEAK in method STACK_OF(TRUST_TOKEN) *voprf_unblind before return 0

Browse Source 
Change-Id: I4288988f3742f14b15f80a3023b716392a667631
Signed-off-by: wangjiale3 <wangjiale3@xiaomi.corp-partner.google.com>
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/58485
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
This commit is contained in:
wangjiale3 2023-03-31 16:45:06 +08:00 committed by Boringssl LUCI CQ
parent 44a389a7fc
commit 9a56503c15
1 changed files with 8 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
crypto/trust_token/voprf.c
View File

@ -563,25 +563,23 @@ static STACK_OF(TRUST_TOKEN) *voprf_unblind(
return NULL;
}
int ok = 0;
STACK_OF(TRUST_TOKEN) *ret = sk_TRUST_TOKEN_new_null();
if (ret == NULL) {
return NULL;
}
if (count > ((size_t)-1) / sizeof(EC_RAW_POINT) ||
count > ((size_t)-1) / sizeof(EC_SCALAR)) {
OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_OVERFLOW);
return 0;
return NULL;
}
int ok = 0;
STACK_OF(TRUST_TOKEN) *ret = sk_TRUST_TOKEN_new_null();
EC_RAW_POINT *BTs = OPENSSL_malloc(count * sizeof(EC_RAW_POINT));
EC_RAW_POINT *Zs = OPENSSL_malloc(count * sizeof(EC_RAW_POINT));
EC_SCALAR *es = OPENSSL_malloc(count * sizeof(EC_SCALAR));
CBB batch_cbb;
CBB_zero(&batch_cbb);
if (!BTs ||
!Zs ||
!es ||
if (ret == NULL ||
BTs == NULL ||
Zs == NULL ||
es == NULL ||
!CBB_init(&batch_cbb, 0) ||
!cbb_add_point(&batch_cbb, method->group, &key->pubs)) {
goto err;