lib-dcrypt: istream-decrypt - Fix memory leak when stream is seeked backwards

author Timo Sirainen <timo.sirainen@dovecot.fi>

Tue, 12 Jun 2018 18:07:38 +0000 (21:07 +0300)

committer Timo Sirainen <timo.sirainen@dovecot.fi>

Tue, 19 Jun 2018 13:49:26 +0000 (16:49 +0300)
author Timo Sirainen <timo.sirainen@dovecot.fi>
Tue, 12 Jun 2018 18:07:38 +0000 (21:07 +0300)
committer Timo Sirainen <timo.sirainen@dovecot.fi>
Tue, 19 Jun 2018 13:49:26 +0000 (16:49 +0300)
diff --git a/src/lib-dcrypt/istream-decrypt.c b/src/lib-dcrypt/istream-decrypt.c

index 537f489fef9d2eba18151662e9bd506d657b828a..db0ea708eb4078a00ee7958760ac06629e9c3fd8 100644 (file)
--- a/src/lib-dcrypt/istream-decrypt.c
+++ b/src/lib-dcrypt/istream-decrypt.c
@@ -340,13 +340,7 @@ i_stream_decrypt_key(struct decrypt_istream *stream, const char *malg,
         keys = *data++;
  
         /* if we have a key, prefab the digest */
-       if (stream->key_callback == NULL) {
-               if (stream->priv_key == NULL) { 
-                       io_stream_set_error(&stream->istream.iostream,
-                                           "Decryption error: "
-                                           "no private key available");
-                       return -1;
-               }
+       if (stream->priv_key != NULL) {
                 buffer_create_from_data(&buf, dgst, sizeof(dgst));
                 if (!dcrypt_key_id_private(stream->priv_key, "sha256", &buf,
                                            &error)) {
@@ -356,6 +350,11 @@ i_stream_decrypt_key(struct decrypt_istream *stream, const char *malg,
                                             error);
                         return -1;
                 }
+       } else if (stream->key_callback == NULL) {
+               io_stream_set_error(&stream->istream.iostream,
+                                   "Decryption error: "
+                                   "no private key available");
+               return -1;
         }
  
         /* for each key */
@@ -364,9 +363,17 @@ i_stream_decrypt_key(struct decrypt_istream *stream, const char *malg,
                         return 0;
                 ktype = *data++;
  
-               if (stream->key_callback != NULL) {
+               if (stream->priv_key != NULL) {
+                       /* see if key matches to the one we have */
+                       if (memcmp(dgst, data, sizeof(dgst)) == 0) {
+                               have_key = TRUE;
+                               break;
+                       }
+               } else if (stream->key_callback != NULL) {
                         const char *hexdgst = /* digest length */
                                 binary_to_hex(data, sizeof(dgst));
+                       if (stream->priv_key != NULL)
+                               dcrypt_key_unref_private(&stream->priv_key);
                         /* hope you going to give us right key.. */
                         int ret = stream->key_callback(hexdgst,
                                 &stream->priv_key, &error, stream->key_context);
@@ -380,12 +387,6 @@ i_stream_decrypt_key(struct decrypt_istream *stream, const char *malg,
                                 have_key = TRUE;
                                 break;
                         }
-               } else {
-                       /* see if key matches to the one we have */
-                       if (memcmp(dgst, data, sizeof(dgst)) == 0) {
-                               have_key = TRUE;
-                               break;
-                       }
                 }
                 data += sizeof(dgst);
author	Timo Sirainen <timo.sirainen@dovecot.fi>
	Tue, 12 Jun 2018 18:07:38 +0000 (21:07 +0300)
committer	Timo Sirainen <timo.sirainen@dovecot.fi>
	Tue, 19 Jun 2018 13:49:26 +0000 (16:49 +0300)