password_pbkdf2: fix memory leak

author Andrei Borzenkov <arvidjaar@gmail.com>

Tue, 12 Jan 2016 17:53:26 +0000 (20:53 +0300)

committer Andrei Borzenkov <arvidjaar@gmail.com>

Tue, 12 Jan 2016 17:53:26 +0000 (20:53 +0300)
author Andrei Borzenkov <arvidjaar@gmail.com>
Tue, 12 Jan 2016 17:53:26 +0000 (20:53 +0300)
committer Andrei Borzenkov <arvidjaar@gmail.com>
Tue, 12 Jan 2016 17:53:26 +0000 (20:53 +0300)
diff --git a/grub-core/commands/password_pbkdf2.c b/grub-core/commands/password_pbkdf2.c

index c6a77c8c5324d9c7aa321c3742bd3e1c690aecea..da636e6217a893eb18a198ba87a6dcab47409660 100644 (file)
--- a/grub-core/commands/password_pbkdf2.c
+++ b/grub-core/commands/password_pbkdf2.c
@@ -45,6 +45,7 @@ check_password (const char *user, const char *entered, void *pin)
    grub_uint8_t *buf;
    struct pbkdf2_password *pass = pin;
    gcry_err_code_t err;
+  grub_err_t ret;
  
    buf = grub_malloc (pass->buflen);
    if (!buf)
@@ -55,17 +56,17 @@ check_password (const char *user, const char *entered, void *pin)
                             pass->salt, pass->saltlen, pass->c,
                             buf, pass->buflen);
    if (err)
+      ret = grub_crypto_gcry_error (err);
+  else if (grub_crypto_memcmp (buf, pass->expected, pass->buflen) != 0)
+      ret = GRUB_ACCESS_DENIED;
+  else
      {
-      grub_free (buf);
-      return grub_crypto_gcry_error (err);
+      grub_auth_authenticate (user);
+      ret = GRUB_ERR_NONE;
      }
  
-  if (grub_crypto_memcmp (buf, pass->expected, pass->buflen) != 0)
-    return GRUB_ACCESS_DENIED;
-
-  grub_auth_authenticate (user);
-
-  return GRUB_ERR_NONE;
+  grub_free (buf);
+  return ret;
  }
  
  static inline int
author	Andrei Borzenkov <arvidjaar@gmail.com>
	Tue, 12 Jan 2016 17:53:26 +0000 (20:53 +0300)
committer	Andrei Borzenkov <arvidjaar@gmail.com>
	Tue, 12 Jan 2016 17:53:26 +0000 (20:53 +0300)