Remove malloc from gnutls_srp_set_server_fake_salt_seed()

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

diff --git a/lib/auth/srp_kx.h b/lib/auth/srp_kx.h
index e4431ee28e708d3ea6eabd04738b8a336dd12962..ebe1477e026f3cdc723adc6b1f7cd449ee5c2bdd 100644 (file)
--- a/lib/auth/srp_kx.h
+++ b/lib/auth/srp_kx.h
@@ -25,6 +25,8 @@
 
 #include <auth.h>
 
+#define MAX_FAKE_SALT_SEED_SIZE 64
+
 typedef struct gnutls_srp_client_credentials_st {
        char *username;
        char *password;
@@ -38,7 +40,9 @@ typedef struct gnutls_srp_server_credentials_st {
         * password files.
         */
        gnutls_srp_server_credentials_function *pwd_callback;
-       gnutls_datum_t fake_salt_seed;
+       unsigned char fake_salt_seed[MAX_FAKE_SALT_SEED_SIZE];
+       unsigned int fake_salt_seed_size;
+
        unsigned int fake_salt_length;
 } srp_server_cred_st;
 

diff --git a/lib/auth/srp_passwd.c b/lib/auth/srp_passwd.c
index 6902be3d26f0860938f3b38ca1c11f96cf89a1b0..6cd3f7e524c137a6da83c1c56c2c991bb9a90554 100644 (file)
--- a/lib/auth/srp_passwd.c
+++ b/lib/auth/srp_passwd.c
@@ -418,8 +418,8 @@ static int _randomize_pwd_entry(SRP_PWD_ENTRY * entry,
                return GNUTLS_E_MEMORY_ERROR;
        }
 
-       ret = _gnutls_mac_init(&ctx, me, sc->fake_salt_seed.data,
-                       sc->fake_salt_seed.size);
+       ret = _gnutls_mac_init(&ctx, me, sc->fake_salt_seed,
+                              sc->fake_salt_seed_size);
 
        if (ret < 0) {
                gnutls_assert();

diff --git a/lib/srp.c b/lib/srp.c
index 79116902add0b771158028c114e3f505ea45d24c..78bcbfd8111679cd5874ee43820ecc4b90787a56 100644 (file)
--- a/lib/srp.c
+++ b/lib/srp.c
@@ -501,7 +501,6 @@ void gnutls_srp_free_server_credentials(gnutls_srp_server_credentials_t sc)
 {
        gnutls_free(sc->password_file);
        gnutls_free(sc->password_conf_file);
-       _gnutls_free_datum(&sc->fake_salt_seed);
 
        gnutls_free(sc);
 }
@@ -537,17 +536,9 @@ gnutls_srp_allocate_server_credentials(gnutls_srp_server_credentials_t *
        if (*sc == NULL)
                return GNUTLS_E_MEMORY_ERROR;
 
-       (*sc)->fake_salt_seed.size = DEFAULT_FAKE_SALT_SEED_SIZE;
-       (*sc)->fake_salt_seed.data = gnutls_malloc(
-                                       DEFAULT_FAKE_SALT_SEED_SIZE);
-       if ((*sc)->fake_salt_seed.data == NULL) {
-               ret = GNUTLS_E_MEMORY_ERROR;
-               gnutls_assert();
-               goto cleanup;
-       }
-
-       ret = gnutls_rnd(GNUTLS_RND_RANDOM, (*sc)->fake_salt_seed.data,
-                               DEFAULT_FAKE_SALT_SEED_SIZE);
+       (*sc)->fake_salt_seed_size = DEFAULT_FAKE_SALT_SEED_SIZE;
+       ret = gnutls_rnd(GNUTLS_RND_RANDOM, (*sc)->fake_salt_seed,
+                        DEFAULT_FAKE_SALT_SEED_SIZE);
 
        if (ret < 0) {
                gnutls_assert();
@@ -558,7 +549,6 @@ gnutls_srp_allocate_server_credentials(gnutls_srp_server_credentials_t *
        return 0;
 
 cleanup:
-       _gnutls_free_datum(&(*sc)->fake_salt_seed);
        gnutls_free(*sc);
        return ret;
 }
@@ -841,8 +831,14 @@ gnutls_srp_set_server_fake_salt_seed(gnutls_srp_server_credentials_t cred,
                                     const gnutls_datum_t * seed,
                                     unsigned int salt_length)
 {
-       _gnutls_free_datum(&cred->fake_salt_seed);
-       _gnutls_set_datum(&cred->fake_salt_seed, seed->data, seed->size);
+       unsigned seed_size = seed->size;
+       const unsigned char *seed_data = seed->data;
+
+       if (seed_size > sizeof(cred->fake_salt_seed))
+               seed_size = sizeof(cred->fake_salt_seed);
+
+       memcpy(cred->fake_salt_seed, seed_data, seed_size);
+       cred->fake_salt_seed_size = seed_size;
 
        /* Cap the salt length at the output size of the MAC algorithm
         * we are using to generate the fake salts.