fix #41 and #42 : 'possible memleak: message_api.c:encrypt_PGP_in_pieces ctext not freed before reuse in lines 436 + 470' and 'possible memleak: message_api.c:encrypt_PGP_MIME ctext is never freed'
authorEdouard Tisserant
Fri, 15 Jul 2016 21:33:37 +0200
changeset 882277297dadbb9
parent 881 bbc6c48ce146
child 885 ca89e40342d4
fix #41 and #42 : 'possible memleak: message_api.c:encrypt_PGP_in_pieces ctext not freed before reuse in lines 436 + 470' and 'possible memleak: message_api.c:encrypt_PGP_MIME ctext is never freed'
src/message_api.c
     1.1 --- a/src/message_api.c	Thu Jul 14 15:18:27 2016 +0200
     1.2 +++ b/src/message_api.c	Fri Jul 15 21:33:37 2016 +0200
     1.3 @@ -329,8 +329,7 @@
     1.4      PEP_STATUS status = PEP_STATUS_OK;
     1.5      bool free_ptext = false;
     1.6      char *ptext = NULL;
     1.7 -    char *ctext;
     1.8 -    char *_ctext = NULL;
     1.9 +    char *ctext = NULL;
    1.10      char *mimetext = NULL;
    1.11      size_t csize;
    1.12      assert(dst->longmsg == NULL);
    1.13 @@ -402,13 +401,7 @@
    1.14          goto enomem;
    1.15      dst->attachments = _a;
    1.16  
    1.17 -    _ctext = malloc(csize);
    1.18 -    assert(_ctext);
    1.19 -    if (_ctext == NULL)
    1.20 -        goto enomem;
    1.21 -    memcpy(_ctext, ctext, csize);
    1.22 -
    1.23 -    _a = bloblist_add(_a, _ctext, csize, "application/octet-stream",
    1.24 +    _a = bloblist_add(_a, ctext, csize, "application/octet-stream",
    1.25          "msg.asc");
    1.26      if (_a == NULL)
    1.27          goto enomem;
    1.28 @@ -421,7 +414,7 @@
    1.29  pep_error:
    1.30      if (free_ptext)
    1.31          free(ptext);
    1.32 -    free(_ctext);
    1.33 +    free(ctext);
    1.34      return status;
    1.35  }
    1.36  
    1.37 @@ -433,7 +426,7 @@
    1.38      )
    1.39  {
    1.40      PEP_STATUS status = PEP_STATUS_OK;
    1.41 -    char *ctext;
    1.42 +    char *ctext = NULL;
    1.43      size_t csize;
    1.44      char *ptext = NULL;
    1.45      bool free_ptext = false;
    1.46 @@ -464,10 +457,7 @@
    1.47              free(ptext);
    1.48          free_ptext = false;
    1.49          if (ctext) {
    1.50 -            dst->longmsg = strndup(ctext, csize);
    1.51 -            assert(dst->longmsg);
    1.52 -            if (dst->longmsg == NULL)
    1.53 -                goto enomem;
    1.54 +            dst->longmsg = ctext;
    1.55          }
    1.56          else {
    1.57              goto pep_error;
    1.58 @@ -478,10 +468,7 @@
    1.59          status = encrypt_and_sign(session, keys, ptext, strlen(ptext), &ctext,
    1.60              &csize);
    1.61          if (ctext) {
    1.62 -            dst->longmsg = strndup(ctext, csize);
    1.63 -            assert(dst->longmsg);
    1.64 -            if (dst->longmsg == NULL)
    1.65 -                goto enomem;
    1.66 +            dst->longmsg = ctext;
    1.67          }
    1.68          else {
    1.69              goto pep_error;
    1.70 @@ -499,13 +486,8 @@
    1.71          status = encrypt_and_sign(session, keys, ptext, strlen(ptext), &ctext,
    1.72              &csize);
    1.73          if (ctext) {
    1.74 -            char *_ctext = malloc(csize);
    1.75 -            assert(_ctext);
    1.76 -            if (_ctext == NULL)
    1.77 -                goto enomem;
    1.78 -            memcpy(_ctext, ctext, csize);
    1.79  
    1.80 -            bloblist_t *_a = bloblist_add(dst->attachments, _ctext, csize,
    1.81 +            bloblist_t *_a = bloblist_add(dst->attachments, ctext, csize,
    1.82                  "application/octet-stream", "PGPexch.htm.pgp");
    1.83              if (_a == NULL)
    1.84                  goto enomem;
    1.85 @@ -560,15 +542,7 @@
    1.86                          snprintf(filename, 20, "Attachment%d.pgp", n);
    1.87                      }
    1.88  
    1.89 -                    char *_ctext = malloc(csize);
    1.90 -                    assert(_ctext);
    1.91 -                    if (_ctext == NULL) {
    1.92 -                        free(filename);
    1.93 -                        goto enomem;
    1.94 -                    }
    1.95 -                    memcpy(_ctext, ctext, csize);
    1.96 -
    1.97 -                    _d = bloblist_add(_d, _ctext, csize, "application/octet-stream",
    1.98 +                    _d = bloblist_add(_d, ctext, csize, "application/octet-stream",
    1.99                          filename);
   1.100                      free(filename);
   1.101                      if (_d == NULL)
   1.102 @@ -1346,10 +1320,8 @@
   1.103                  if (msg == NULL)
   1.104                      goto enomem;
   1.105  
   1.106 -                msg->longmsg = strdup(ptext);
   1.107 -                assert(msg->longmsg);
   1.108 -                if (msg->longmsg == NULL)
   1.109 -                    goto enomem;
   1.110 +                msg->longmsg = ptext;
   1.111 +                ptext = NULL;
   1.112  
   1.113                  bloblist_t *_m = msg->attachments;
   1.114                  if (_m == NULL && src->attachments && src->attachments->value) {
   1.115 @@ -1379,10 +1351,8 @@
   1.116  
   1.117                          if (ptext) {
   1.118                              if (is_encrypted_html_attachment(_s)) {
   1.119 -                                msg->longmsg_formatted = strdup(ptext);
   1.120 -                                assert(msg->longmsg_formatted);
   1.121 -                                if (msg->longmsg_formatted == NULL)
   1.122 -                                    goto pep_error;
   1.123 +                                msg->longmsg_formatted = ptext;
   1.124 +                                ptext = NULL;
   1.125                              }
   1.126                              else {
   1.127                                  static const char * const mime_type = "application/octet-stream";
   1.128 @@ -1391,18 +1361,14 @@
   1.129                                  if (filename == NULL)
   1.130                                      goto enomem;
   1.131  
   1.132 -                                char *_ptext = malloc(psize);
   1.133 -                                assert(_ptext);
   1.134 -                                if (_ptext == NULL)
   1.135 -                                    goto enomem;
   1.136 -                                memcpy(_ptext, ptext, psize);
   1.137 -
   1.138 -                                _m = bloblist_add(_m, _ptext, psize, mime_type,
   1.139 +                                _m = bloblist_add(_m, ptext, psize, mime_type,
   1.140                                      filename);
   1.141                                  free(filename);
   1.142                                  if (_m == NULL)
   1.143                                      goto enomem;
   1.144  
   1.145 +                                ptext = NULL;
   1.146 +
   1.147                                  if (msg->attachments == NULL)
   1.148                                      msg->attachments = _m;
   1.149                              }
   1.150 @@ -1512,8 +1478,7 @@
   1.151              status = cryptotech[crypto].decrypt_and_verify(session, ctext,
   1.152                  csize, &re_ptext, &re_psize, &_keylist);
   1.153              
   1.154 -            if (re_ptext)
   1.155 -                free(re_ptext);
   1.156 +            free(re_ptext);
   1.157              
   1.158              if (status > PEP_CANNOT_DECRYPT_UNKNOWN)
   1.159                  goto pep_error;
   1.160 @@ -1591,6 +1556,7 @@
   1.161      status = PEP_OUT_OF_MEMORY;
   1.162  
   1.163  pep_error:
   1.164 +    free(ptext);
   1.165      free_message(msg);
   1.166      free_stringlist(_keylist);
   1.167