From: Martin Willi Date: Thu, 29 Nov 2012 10:29:46 +0000 (+0100) Subject: Allocate data returned by pkcs7_t.get_attribute() X-Git-Tag: 5.0.2dr4~64 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=063ae4e52ab1e522694a5e2d4853db5d63a673c0;p=thirdparty%2Fstrongswan.git Allocate data returned by pkcs7_t.get_attribute() --- diff --git a/src/libstrongswan/credentials/containers/pkcs7.h b/src/libstrongswan/credentials/containers/pkcs7.h index d79650e745..d42d82b0b4 100644 --- a/src/libstrongswan/credentials/containers/pkcs7.h +++ b/src/libstrongswan/credentials/containers/pkcs7.h @@ -41,9 +41,12 @@ struct pkcs7_t { * To select the signerInfo structure to get the attribute from, pass * the enumerator position from container_t.create_signature_enumerator(). * + * The attribute returned does not contain type information and must be + * freed after use. + * * @param oid OID from the attribute to get * @param enumerator enumerator to select signerInfo - * @param value chunk receiving attribute value, internal data + * @param value chunk receiving attribute value, allocated * @return TRUE if attribute found */ bool (*get_attribute)(pkcs7_t *this, int oid, enumerator_t *enumerator, diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.c b/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.c index 4c963ab823..2ef97084fc 100644 --- a/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.c +++ b/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.c @@ -323,7 +323,7 @@ METHOD(pkcs7_t, get_attribute, bool, chunk = e->info->attributes->get_attribute(e->info->attributes, oid); if (chunk.len) { - *value = chunk; + *value = chunk_clone(chunk); return TRUE; } } diff --git a/src/pki/commands/pkcs7.c b/src/pki/commands/pkcs7.c index d5bee759f3..3d53ace001 100644 --- a/src/pki/commands/pkcs7.c +++ b/src/pki/commands/pkcs7.c @@ -114,6 +114,7 @@ static int verify(chunk_t chunk) { fprintf(stderr, " at %T", &t, FALSE); } + free(data.ptr); } fprintf(stderr, "\n"); } diff --git a/src/scepclient/scep.c b/src/scepclient/scep.c index faaac8851e..62b244efd1 100644 --- a/src/scepclient/scep.c +++ b/src/scepclient/scep.c @@ -85,6 +85,7 @@ void extract_attributes(pkcs7_t *pkcs7, enumerator_t *enumerator, } } DBG2(DBG_APP, "messageType: %s", msgType_names[attrs->msgType]); + free(attr.ptr); } if (pkcs7->get_attribute(pkcs7, OID_PKI_STATUS, enumerator, &attr)) { @@ -98,6 +99,7 @@ void extract_attributes(pkcs7_t *pkcs7, enumerator_t *enumerator, } } DBG2(DBG_APP, "pkiStatus: %s", pkiStatus_names[attrs->pkiStatus]); + free(attr.ptr); } if (pkcs7->get_attribute(pkcs7, OID_PKI_FAIL_INFO, enumerator, &attr)) { @@ -109,6 +111,7 @@ void extract_attributes(pkcs7_t *pkcs7, enumerator_t *enumerator, { DBG1(DBG_APP, "failInfo: %s", failInfo_reasons[attrs->failInfo]); } + free(attr.ptr); } pkcs7->get_attribute(pkcs7, OID_PKI_SENDER_NONCE, enumerator,