From 0b97ae9501376cb7dd12360b3699fab440eee046 Mon Sep 17 00:00:00 2001 From: Anju Date: Tue, 19 Mar 2013 18:49:36 +0530 Subject: [PATCH] [Security] Fixed memory leaks through valgrind tool Change-Id: Idf22b4aeb6f2b5b415d0bd07bd3987cbbd337763 Signed-off-by: Anju --- src/security/FSecKeyPairGenerator.cpp | 9 ++++----- src/security/FSecRsaKeyConverter.cpp | 10 ++++++++-- src/security/pkcs/FSecPkcsAlgorithmIdentifier.cpp | 5 ++++- src/security/pkcs/FSecPkcsInitialVector.cpp | 1 - .../pkcs/FSecPkcs_AlgorithmIdentifierImpl.cpp | 17 +++++++++++++++-- src/security/pkcs/FSecPkcs_InitialVectorImpl.cpp | 5 +++++ .../pkcs/FSecPkcs_Pkcs05PbEs2ParametersImpl.cpp | 19 ++++++++++++++----- .../pkcs/FSecPkcs_Pkcs05PbKdf2ParametersImpl.cpp | 4 ++++ .../pkcs/FSecPkcs_Pkcs05PbMacParametersImpl.cpp | 20 ++++++++++++++++---- src/security/pkcs/FSecPkcs_Pkcs05SchemesImpl.cpp | 17 +++++++++++++++++ src/security/pkcs/FSecPkcs_Pkcs08AttributeImpl.cpp | 10 +++++++--- .../pkcs/FSecPkcs_Pkcs08AttributeValueImpl.cpp | 4 ++++ .../FSecPkcs_Pkcs08EncryptedPrivateKeyInfoImpl.cpp | 9 ++++++++- .../pkcs/FSecPkcs_Pkcs08PrivateKeyInfoImpl.cpp | 10 +++++++--- src/security/pkcs/FSecPkcs_PkcsUtility.cpp | 4 ++++ src/security/pkcs/FSecPkcs_Rc2CbcParametersImpl.cpp | 19 ++++++++++++++++++- 16 files changed, 135 insertions(+), 28 deletions(-) diff --git a/src/security/FSecKeyPairGenerator.cpp b/src/security/FSecKeyPairGenerator.cpp index 7485ba7..f31154d 100644 --- a/src/security/FSecKeyPairGenerator.cpp +++ b/src/security/FSecKeyPairGenerator.cpp @@ -191,7 +191,7 @@ KeyPairGenerator::GenerateKeyPairN(Tizen::Security::IKeyParameters* pKeyParams) byte temp[_PUBLIC_KEY_LENGTH]; ByteBuffer privKey; ByteBuffer pubKey; - KeyPair* pKeyPair = null; + std::unique_ptr< KeyPair > pKeyPair; BN_CTX* pCtx = null; DH* pDh = null; RSA* pRsa = null; @@ -353,7 +353,7 @@ KeyPairGenerator::GenerateKeyPairN(Tizen::Security::IKeyParameters* pKeyParams) } - pKeyPair = new (std::nothrow) KeyPair(); + pKeyPair = std::unique_ptr< KeyPair >(new (std::nothrow) KeyPair()); SysTryCatch(NID_SEC, pKeyPair != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient."); r = pKeyPair->SetPrivateKey(privKey); @@ -387,11 +387,10 @@ CATCH: } if (IsFailed(r)) { - delete pKeyPair; - pKeyPair = null; + pKeyPair.reset(null); } - return pKeyPair; + return pKeyPair.release(); } KeyPair* diff --git a/src/security/FSecRsaKeyConverter.cpp b/src/security/FSecRsaKeyConverter.cpp index 0c8fa82..91c962d 100644 --- a/src/security/FSecRsaKeyConverter.cpp +++ b/src/security/FSecRsaKeyConverter.cpp @@ -249,9 +249,10 @@ RsaKeyConverter::ConvertPublicKeyFormatN(RsaKeyFormat format, const IPublicKey& if (isPemFormat == true) { PublicKey key; - r = key.SetKey(*pOutBuffer.get()); + r = key.SetKey(*pOutBuffer); SysTryCatch(NID_SEC, !IsFailed(r), r = E_INVALID_ARG, E_INVALID_ARG, "[E_INVALID_ARG] The specified input parameter is invalid."); - pOutBuffer = std::unique_ptr< ByteBuffer >(ConvertDerToPemN(format, key)); + pOutBuffer.reset(ConvertDerToPemN(format, key)); + //pOutBuffer = std::unique_ptr< ByteBuffer >(ConvertDerToPemN(format, key)); SysTryCatch(NID_SEC, pOutBuffer != null, r = GetLastResult(), GetLastResult(), "[%s] Failed to convert der to pem encoded byte buffer"); } @@ -270,6 +271,11 @@ CATCH: BIO_free(pBio); } + if (IsFailed(r)) + { + pOutBuffer.reset(null); + } + return pOutBuffer.release(); } diff --git a/src/security/pkcs/FSecPkcsAlgorithmIdentifier.cpp b/src/security/pkcs/FSecPkcsAlgorithmIdentifier.cpp index d2cfdd6..384da84 100644 --- a/src/security/pkcs/FSecPkcsAlgorithmIdentifier.cpp +++ b/src/security/pkcs/FSecPkcsAlgorithmIdentifier.cpp @@ -121,7 +121,10 @@ AlgorithmIdentifier::CloneN(void) const std::unique_ptr< AlgorithmIdentifier > pObj(new (std::nothrow) AlgorithmIdentifier()); SysTryReturn(NID_SEC_CRYPTO, pObj, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient."); - r = pObj->Construct(__pAlgorithmIdentifierImpl->GetAlgorithmObjectId(), __pAlgorithmIdentifierImpl->GetParametersN()); + std::unique_ptr< IAlgorithmParameters > pParam(__pAlgorithmIdentifierImpl->GetParametersN()); + SysTryReturn(NID_SEC_CRYPTO, pParam, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient."); + + r = pObj->Construct(__pAlgorithmIdentifierImpl->GetAlgorithmObjectId(), pParam.get()); SysTryReturn(NID_SEC_CRYPTO, !IsFailed(r), null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient."); return pObj.release(); diff --git a/src/security/pkcs/FSecPkcsInitialVector.cpp b/src/security/pkcs/FSecPkcsInitialVector.cpp index b6e446e..0b4b8fa 100644 --- a/src/security/pkcs/FSecPkcsInitialVector.cpp +++ b/src/security/pkcs/FSecPkcsInitialVector.cpp @@ -79,7 +79,6 @@ InitialVector::CloneN(void) const SysTryReturn(NID_SEC_CRYPTO, !IsFailed(r), null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient."); return pInitialVectorObj.release(); - } PkcsAlgorithmParameterType diff --git a/src/security/pkcs/FSecPkcs_AlgorithmIdentifierImpl.cpp b/src/security/pkcs/FSecPkcs_AlgorithmIdentifierImpl.cpp index 07627d5..d794854 100644 --- a/src/security/pkcs/FSecPkcs_AlgorithmIdentifierImpl.cpp +++ b/src/security/pkcs/FSecPkcs_AlgorithmIdentifierImpl.cpp @@ -143,14 +143,23 @@ _AlgorithmIdentifierImpl::GetAlgorithmObjectId(void) const IAlgorithmParameters* _AlgorithmIdentifierImpl::GetParametersN(void) const { + std::unique_ptr< IAlgorithmParameters > pAlgoParam; + //Return the Algorithm Parameter ClearLastResult(); if (__pAlgoParams != null) { - return __pAlgoParams->CloneN(); + pAlgoParam = std::unique_ptr< IAlgorithmParameters >(__pAlgoParams->CloneN()); + SysTryReturn(NID_SEC_CRYPTO, pAlgoParam != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient."); + + return pAlgoParam.release(); + } + else + { + return null; } - return null; + } ByteBuffer* @@ -186,6 +195,10 @@ _AlgorithmIdentifierImpl::GetEncodedDataN(void) const CATCH: + if (IsFailed(r)) + { + pEncAlgoIdParam.reset(null); + } X509_ALGOR_free(pAlgoObj); SetLastResult(r); return pEncAlgoIdParam.release(); diff --git a/src/security/pkcs/FSecPkcs_InitialVectorImpl.cpp b/src/security/pkcs/FSecPkcs_InitialVectorImpl.cpp index 80a23e0..a1c4ab8 100644 --- a/src/security/pkcs/FSecPkcs_InitialVectorImpl.cpp +++ b/src/security/pkcs/FSecPkcs_InitialVectorImpl.cpp @@ -155,6 +155,11 @@ _InitialVectorImpl::GetEncodedDataN(void) const CATCH: + if (IsFailed(r)) + { + pEncInitialVector.reset(null); + } + ASN1_OCTET_STRING_free(pInitialVectorStr); OPENSSL_free(pTemp); SetLastResult(r); diff --git a/src/security/pkcs/FSecPkcs_Pkcs05PbEs2ParametersImpl.cpp b/src/security/pkcs/FSecPkcs_Pkcs05PbEs2ParametersImpl.cpp index a551d46..de46c9e 100644 --- a/src/security/pkcs/FSecPkcs_Pkcs05PbEs2ParametersImpl.cpp +++ b/src/security/pkcs/FSecPkcs_Pkcs05PbEs2ParametersImpl.cpp @@ -125,10 +125,18 @@ _Pkcs05PbEs2ParametersImpl::Construct(const AlgorithmIdentifier& keyDerivationFu SysAssertf(__keyDerivationFunction.GetAlgorithmObjectId().GetLength() <= 0, "Already constructed. Calling Construct() twice or more on a same instance is not allowed for this class. "); SysAssertf(__encryptionScheme.GetAlgorithmObjectId().GetLength() <= 0, "Already constructed. Calling Construct() twice or more on a same instance is not allowed for this class."); - r = __keyDerivationFunction.Construct(keyDerivationFunction.GetAlgorithmObjectId(), keyDerivationFunction.GetParametersN()); + std::unique_ptr< IAlgorithmParameters > pkdfParam(keyDerivationFunction.GetParametersN()); + r = GetLastResult(); + SysTryReturn(NID_SEC_CRYPTO, pkdfParam != null, r, r, "[%s] Failed to get the parameters.", GetErrorMessage(r)); + + r = __keyDerivationFunction.Construct(keyDerivationFunction.GetAlgorithmObjectId(), pkdfParam.get()); SysTryReturn(NID_SEC_CRYPTO, !IsFailed(r), r, r, "[%s] Failed to construct the algorithm identifier.", GetErrorMessage(r)); - r = __encryptionScheme.Construct(encryptionScheme.GetAlgorithmObjectId(), encryptionScheme.GetParametersN()); + std::unique_ptr< IAlgorithmParameters > pEncParam(encryptionScheme.GetParametersN()); + r = GetLastResult(); + SysTryReturn(NID_SEC_CRYPTO, pEncParam != null, r, r, "[%s] Failed to get the parameters.", GetErrorMessage(r)); + + r = __encryptionScheme.Construct(encryptionScheme.GetAlgorithmObjectId(), pEncParam.get()); SysTryReturn(NID_SEC_CRYPTO, !IsFailed(r), r, r, "[%s] Failed to construct the algorithm identifier.", GetErrorMessage(r)); return r; @@ -154,10 +162,10 @@ _Pkcs05PbEs2ParametersImpl::GetEncodedDataN(void) const Tizen::Base::String objectId = __encryptionScheme.GetAlgorithmObjectId(); - IAlgorithmParameters* pParams = __encryptionScheme.GetParametersN(); + std::unique_ptr< IAlgorithmParameters > pParams(__encryptionScheme.GetParametersN()); SysTryReturn(NID_SEC_CRYPTO, pParams != null, null, E_SYSTEM, "[E_SYSTEM] The method cannot proceed due to a severe system error."); - Pkcs05PbKdf2Parameters* pKeyParams = dynamic_cast< Pkcs05PbKdf2Parameters* >(__keyDerivationFunction.GetParametersN()); + std::unique_ptr< Pkcs05PbKdf2Parameters > pKeyParams(dynamic_cast< Pkcs05PbKdf2Parameters* >(__keyDerivationFunction.GetParametersN())); SysTryReturn(NID_SEC_CRYPTO, pKeyParams != null, null, E_SYSTEM, "[E_SYSTEM] The method cannot proceed due to a severe system error."); pPbes2 = PBE2PARAM_new(); @@ -181,7 +189,7 @@ _Pkcs05PbEs2ParametersImpl::GetEncodedDataN(void) const pPbes2->encryption = X509_ALGOR_new(); SysTryCatch(NID_SEC_CRYPTO, pPbes2->encryption != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient."); - pPbes2->encryption = _PkcsUtility::GenerateAlgorithmIdentifierStructureN(objectId, pParams); + pPbes2->encryption = _PkcsUtility::GenerateAlgorithmIdentifierStructureN(objectId, pParams.get()); SysTryCatch(NID_SEC_CRYPTO, pPbes2->encryption != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] The method cannot proceed due to a severe system error."); // encode the PBE2PARAM structure @@ -205,6 +213,7 @@ CATCH: if (IsFailed(r)) { PBE2PARAM_free(pPbes2); + pEncPbeParam.reset(null); } OPENSSL_free(pTemp); diff --git a/src/security/pkcs/FSecPkcs_Pkcs05PbKdf2ParametersImpl.cpp b/src/security/pkcs/FSecPkcs_Pkcs05PbKdf2ParametersImpl.cpp index 450e09d..474dca1 100644 --- a/src/security/pkcs/FSecPkcs_Pkcs05PbKdf2ParametersImpl.cpp +++ b/src/security/pkcs/FSecPkcs_Pkcs05PbKdf2ParametersImpl.cpp @@ -268,6 +268,10 @@ _Pkcs05PbKdf2ParametersImpl::GetEncodedDataN(void) const CATCH: + if (IsFailed(r)) + { + pEncKdfParam.reset(null); + } PBKDF2PARAM_free(pKdf); OPENSSL_free(pTemp); SetLastResult(r); diff --git a/src/security/pkcs/FSecPkcs_Pkcs05PbMacParametersImpl.cpp b/src/security/pkcs/FSecPkcs_Pkcs05PbMacParametersImpl.cpp index 72f04ca..6369d23 100644 --- a/src/security/pkcs/FSecPkcs_Pkcs05PbMacParametersImpl.cpp +++ b/src/security/pkcs/FSecPkcs_Pkcs05PbMacParametersImpl.cpp @@ -128,7 +128,7 @@ _Pkcs05PbMacParametersImpl::Construct(const Tizen::Base::ByteBuffer& encodedData __messageAuthScheme.Construct(macOid, null); SysTryCatch(NID_SEC_CRYPTO, !IsFailed(r), r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient."); - CATCH: +CATCH: PBE2PARAM_free(pMacObj); return r; @@ -142,10 +142,18 @@ _Pkcs05PbMacParametersImpl::Construct(const AlgorithmIdentifier& keyDerivationFu SysAssertf(__keyDerivationFunction.GetAlgorithmObjectId().GetLength() <= 0, "Already constructed. Calling Construct() twice or more on a same instance is not allowed for this class. "); SysAssertf(__messageAuthScheme.GetAlgorithmObjectId().GetLength() <= 0, "Already constructed. Calling Construct() twice or more on a same instance is not allowed for this class. "); - r = __keyDerivationFunction.Construct(keyDerivationFunction.GetAlgorithmObjectId(), keyDerivationFunction.GetParametersN()); + std::unique_ptr< IAlgorithmParameters > pParam(keyDerivationFunction.GetParametersN()); + r = GetLastResult(); + SysTryReturn(NID_SEC_CRYPTO, !IsFailed(r), r, r, "[%s] Failed to get the parameters.", GetErrorMessage(r)); + + r = __keyDerivationFunction.Construct(keyDerivationFunction.GetAlgorithmObjectId(), pParam.get()); SysTryReturn(NID_SEC_CRYPTO, !IsFailed(r), r, r, "[%s] Failed to construct the algorithm identifier.", GetErrorMessage(r)); - r = __messageAuthScheme.Construct(messageAuthScheme.GetAlgorithmObjectId(), messageAuthScheme.GetParametersN()); + std::unique_ptr< IAlgorithmParameters > pAuthParam(messageAuthScheme.GetParametersN()); + r = GetLastResult(); + SysTryReturn(NID_SEC_CRYPTO, !IsFailed(r), r, r, "[%s] Failed to get the parameters.", GetErrorMessage(r)); + + r = __messageAuthScheme.Construct(messageAuthScheme.GetAlgorithmObjectId(), pAuthParam.get()); SysTryReturn(NID_SEC_CRYPTO, !IsFailed(r), r, r, "[%s] Failed to construct the algorithm identifier.", GetErrorMessage(r)); return r; @@ -221,8 +229,12 @@ _Pkcs05PbMacParametersImpl::GetEncodedDataN(void) const pEncMacParam->Flip(); - CATCH: +CATCH: + if (IsFailed(r)) + { + pEncMacParam.reset(null); + } PBE2PARAM_free(pMacObj); OPENSSL_free(pTemp); SetLastResult(r); diff --git a/src/security/pkcs/FSecPkcs_Pkcs05SchemesImpl.cpp b/src/security/pkcs/FSecPkcs_Pkcs05SchemesImpl.cpp index 8719d0f..247a6c3 100644 --- a/src/security/pkcs/FSecPkcs_Pkcs05SchemesImpl.cpp +++ b/src/security/pkcs/FSecPkcs_Pkcs05SchemesImpl.cpp @@ -160,6 +160,10 @@ _Pkcs05SchemesImpl::GenerateKeyKdf2N(const Pkcs05PbKdf2Parameters& params) pOut->Flip(); + if (IsFailed(r)) + { + pOut.reset(null); + } return pOut.release(); } @@ -197,6 +201,10 @@ _Pkcs05SchemesImpl::EncryptionScheme2N(const Pkcs05PbEs2Parameters& params, cons r = GetLastResult(); SysTryReturn(NID_SEC_CRYPTO, pOutBuffer != null, null, r, "[%s] Failed to encrypt message.", GetErrorMessage(r)); + if (IsFailed(r)) + { + pOutBuffer.reset(null); + } return pOutBuffer.release(); } @@ -232,6 +240,11 @@ _Pkcs05SchemesImpl::DecryptionScheme2N(const Pkcs05PbEs2Parameters& params, cons r = GetLastResult(); SysTryReturn(NID_SEC_CRYPTO, pOutBuffer != null, null, r, "[%s] Failed to encrypt message.", GetErrorMessage(r)); + if (IsFailed(r)) + { + pOutBuffer.reset(null); + } + return pOutBuffer.release(); } @@ -335,6 +348,10 @@ _Pkcs05SchemesImpl::GetPbHMacN(const Pkcs05PbMacParameters& params, const Tizen: pOutput->Flip(); + if (IsFailed(r)) + { + pOutput.reset(null); + } return pOutput.release(); } diff --git a/src/security/pkcs/FSecPkcs_Pkcs08AttributeImpl.cpp b/src/security/pkcs/FSecPkcs_Pkcs08AttributeImpl.cpp index 804da3c..7eb20c4 100644 --- a/src/security/pkcs/FSecPkcs_Pkcs08AttributeImpl.cpp +++ b/src/security/pkcs/FSecPkcs_Pkcs08AttributeImpl.cpp @@ -52,6 +52,7 @@ _Pkcs08AttributeImpl::_Pkcs08AttributeImpl(void) _Pkcs08AttributeImpl::~_Pkcs08AttributeImpl(void) { //do nothing + __attributeValues.RemoveAll(true); } result @@ -68,7 +69,6 @@ _Pkcs08AttributeImpl::Construct(const Tizen::Base::ByteBuffer& encodedData) X509_ATTRIBUTE* pAttribute = null; ASN1_OBJECT* pObject = null; ASN1_TYPE* pAsnType = null; - Pkcs08AttributeValue* pNewObj = null; SysAssertf(__attributeType.GetLength() <= 0, "Already constructed. Calling Construct() twice or more on a same instance is not allowed for this class."); @@ -98,7 +98,7 @@ _Pkcs08AttributeImpl::Construct(const Tizen::Base::ByteBuffer& encodedData) pAsnType = sk_ASN1_TYPE_value(pAttribute->value.set, i); SysTryCatch(NID_SEC_CRYPTO, pAsnType != null, r = E_INVALID_ARG, E_INVALID_ARG, "[E_INVALID_ARG] The specified input parameter is invalid."); - pNewObj = new (std::nothrow) Pkcs08AttributeValue(); + std::unique_ptr< Pkcs08AttributeValue > pNewObj(new (std::nothrow) Pkcs08AttributeValue()); SysTryCatch(NID_SEC_CRYPTO, pNewObj != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient."); value = i2d_ASN1_TYPE(pAsnType, &pTemp); @@ -115,7 +115,7 @@ _Pkcs08AttributeImpl::Construct(const Tizen::Base::ByteBuffer& encodedData) r = pNewObj->Construct(asn1TypeBuffer); SysTryCatch(NID_SEC_CRYPTO, !IsFailed(r), r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient."); - r = AddAttributeValue(*pNewObj); + r = AddAttributeValue(*pNewObj.release()); SysTryCatch(NID_SEC_CRYPTO, !IsFailed(r), , r, "[%s] Failed to add attribute", GetErrorMessage(r)); } @@ -247,6 +247,10 @@ _Pkcs08AttributeImpl::GetEncodedDataN(void) const CATCH: + if (IsFailed(r)) + { + pAttributeBuffer.reset(null); + } X509_ATTRIBUTE_free(pAttribute); OPENSSL_free(pTemp); diff --git a/src/security/pkcs/FSecPkcs_Pkcs08AttributeValueImpl.cpp b/src/security/pkcs/FSecPkcs_Pkcs08AttributeValueImpl.cpp index c7143f2..e10cb5e 100644 --- a/src/security/pkcs/FSecPkcs_Pkcs08AttributeValueImpl.cpp +++ b/src/security/pkcs/FSecPkcs_Pkcs08AttributeValueImpl.cpp @@ -200,6 +200,10 @@ _Pkcs08AttributeValueImpl::GetEncodedDataN(void) const CATCH: + if (IsFailed(r)) + { + pAttributeValue.reset(null); + } ASN1_TYPE_free(pAsn1Type); OPENSSL_free(pTemp); SetLastResult(r); diff --git a/src/security/pkcs/FSecPkcs_Pkcs08EncryptedPrivateKeyInfoImpl.cpp b/src/security/pkcs/FSecPkcs_Pkcs08EncryptedPrivateKeyInfoImpl.cpp index 70913a6..e22d2b7 100644 --- a/src/security/pkcs/FSecPkcs_Pkcs08EncryptedPrivateKeyInfoImpl.cpp +++ b/src/security/pkcs/FSecPkcs_Pkcs08EncryptedPrivateKeyInfoImpl.cpp @@ -164,7 +164,10 @@ _Pkcs08EncryptedPrivateKeyInfoImpl::Construct(const AlgorithmIdentifier& algorit SysTryReturnResult(NID_SEC_CRYPTO, key.GetRemaining() > 0, E_INVALID_ARG, "The specified input parameter is invalid."); SysTryReturnResult(NID_SEC_CRYPTO, encodedPrivateKeyInfoBuffer.GetRemaining() > 0, E_INVALID_ARG, "The specified input parameter is invalid."); - r = __encryptionAlgorithm.Construct(algorithmId.GetAlgorithmObjectId(), algorithmId.GetParametersN()); + std::unique_ptr< IAlgorithmParameters > pParam(algorithmId.GetParametersN()); + SysTryReturnResult(NID_SEC_CRYPTO, pParam, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient."); + + r = __encryptionAlgorithm.Construct(algorithmId.GetAlgorithmObjectId(), pParam.get()); SysTryReturn(NID_SEC_CRYPTO, !IsFailed(r), r, r, "[%s] Failed to construct algorithm identifier instance for encryption algorithm..", GetErrorMessage(r)); std::unique_ptr< ByteBuffer > pEncData(_PkcsUtility::EncryptDecryptN(algorithmId, key, encodedPrivateKeyInfoBuffer, 1)); @@ -287,6 +290,10 @@ _Pkcs08EncryptedPrivateKeyInfoImpl::GetEncodedDataN(void) const CATCH: + if (IsFailed(r)) + { + pEncPrivKey.reset(null); + } X509_SIG_free(sig); SetLastResult(r); return pEncPrivKey.release(); diff --git a/src/security/pkcs/FSecPkcs_Pkcs08PrivateKeyInfoImpl.cpp b/src/security/pkcs/FSecPkcs_Pkcs08PrivateKeyInfoImpl.cpp index 9cc484d..ff46b81 100644 --- a/src/security/pkcs/FSecPkcs_Pkcs08PrivateKeyInfoImpl.cpp +++ b/src/security/pkcs/FSecPkcs_Pkcs08PrivateKeyInfoImpl.cpp @@ -56,6 +56,7 @@ _Pkcs08PrivateKeyInfoImpl::_Pkcs08PrivateKeyInfoImpl(void) _Pkcs08PrivateKeyInfoImpl::~_Pkcs08PrivateKeyInfoImpl(void) { //do nothing + __attributes.RemoveAll(true); } @@ -80,7 +81,6 @@ _Pkcs08PrivateKeyInfoImpl::Construct(const Tizen::Base::ByteBuffer& encodedData) PKCS8_PRIV_KEY_INFO* pPrivKeyInfo = null; STACK_OF(X509_ATTRIBUTE)* pStackOfAttribute = null; X509_ATTRIBUTE* pAttribute = null; - Pkcs08Attribute* pAttributeClassObj = null; SysAssertf(__privateKey.GetRemaining() <= 0, "Already constructed. Calling Construct() twice or more on a same instance is not allowed for this class. "); SysAssertf(__algorithm.GetAlgorithmObjectId().GetLength() <= 0, "Already constructed. Calling Construct() twice or more on a same instance is not allowed for this class. "); @@ -131,7 +131,7 @@ _Pkcs08PrivateKeyInfoImpl::Construct(const Tizen::Base::ByteBuffer& encodedData) { pAttribute = sk_X509_ATTRIBUTE_value(pStackOfAttribute, index); - pAttributeClassObj = new (std::nothrow) Pkcs08Attribute(); + std::unique_ptr< Pkcs08Attribute > pAttributeClassObj(new (std::nothrow) Pkcs08Attribute()); SysTryCatch(NID_SEC_CRYPTO, pAttributeClassObj != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient."); value = i2d_X509_ATTRIBUTE(pAttribute, &pTemp); @@ -149,7 +149,7 @@ _Pkcs08PrivateKeyInfoImpl::Construct(const Tizen::Base::ByteBuffer& encodedData) r = pAttributeClassObj->Construct(attributeBuffer); SysTryCatch(NID_SEC_CRYPTO, !IsFailed(r), r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient."); - r = AddAttribute(*pAttributeClassObj); + r = AddAttribute(*pAttributeClassObj.release()); SysTryCatch(NID_SEC_CRYPTO, !IsFailed(r), r = E_INVALID_ARG, E_INVALID_ARG, "[E_INVALID_ARG] The specified input parameter is invalid."); } @@ -325,6 +325,10 @@ _Pkcs08PrivateKeyInfoImpl::GetEncodedDataN(void) const CATCH: + if (IsFailed(r)) + { + pEncPrivateKeyInfo.reset(null); + } PKCS8_PRIV_KEY_INFO_free(pPrivateKeyInfo); OPENSSL_free(pTemp); return pEncPrivateKeyInfo.release(); diff --git a/src/security/pkcs/FSecPkcs_PkcsUtility.cpp b/src/security/pkcs/FSecPkcs_PkcsUtility.cpp index 7ad3506..078eb34 100644 --- a/src/security/pkcs/FSecPkcs_PkcsUtility.cpp +++ b/src/security/pkcs/FSecPkcs_PkcsUtility.cpp @@ -906,6 +906,10 @@ _PkcsUtility::EncryptDecryptN(const AlgorithmIdentifier& algo, const Tizen::Base CATCH: + if (IsFailed(r)) + { + pOutBuffer.reset(null); + } EVP_CIPHER_CTX_cleanup(&cipherCtx); SetLastResult(r); diff --git a/src/security/pkcs/FSecPkcs_Rc2CbcParametersImpl.cpp b/src/security/pkcs/FSecPkcs_Rc2CbcParametersImpl.cpp index 7fec67e..6ebee37 100644 --- a/src/security/pkcs/FSecPkcs_Rc2CbcParametersImpl.cpp +++ b/src/security/pkcs/FSecPkcs_Rc2CbcParametersImpl.cpp @@ -217,7 +217,24 @@ _Rc2CbcParametersImpl::GetEncodedDataN(void) const CATCH: - OPENSSL_free(pTemp); + if (pInitialVectorStr != null) + { + ASN1_OCTET_STRING_free(pInitialVectorStr); + } + if (pTemp != null) + { + OPENSSL_free(pTemp); + } + + if (pAsn1Type != null) + { + ASN1_TYPE_free(pAsn1Type); + } + + if (IsFailed(r)) + { + pEncRc2CbcParam.reset(null); + } SetLastResult(r); return pEncRc2CbcParam.release(); -- 2.7.4