Patch memory leaks and bad memory accesses

diff --git a/src/asn1/asn1c/OCTET_STRING.c b/src/asn1/asn1c/OCTET_STRING.c
index 1dd9f7994a27b85732c5012902c2a7fddc25a877..c39d80dae81873e0322e88dda4772b939a7db2f2 100644 (file)
--- a/src/asn1/asn1c/OCTET_STRING.c
+++ b/src/asn1/asn1c/OCTET_STRING.c
@@ -589,8 +589,9 @@ OCTET_STRING_encode_json(const struct asn_TYPE_descriptor_s *td,
        const OCTET_STRING_t *os = sptr;
        uint8_t *buf, *end;
        char *result, *r;
+       json_t *json;
 
-       result = pmalloc(2 * os->size + 1);
+       result = pmalloc(2 * os->size);
 
        buf = os->buf;
        end = buf + os->size;
@@ -599,9 +600,11 @@ OCTET_STRING_encode_json(const struct asn_TYPE_descriptor_s *td,
                *r++ = H2C[(*buf >> 4) & 0x0F];
                *r++ = H2C[(*buf     ) & 0x0F];
        }
-       *r = '\0';
 
-       return json_string(result);
+       json = json_stringn(result, 2 * os->size);
+
+       free(result);
+       return json;
 }
 
 json_t *

diff --git a/src/asn1/asn1c/ROAIPAddressFamily.c b/src/asn1/asn1c/ROAIPAddressFamily.c
index 23e59b6c49dfb2532104b20c9035f39788447c6a..3b78b14fdd5f59ae867674685b2f3507bedde47f 100644 (file)
--- a/src/asn1/asn1c/ROAIPAddressFamily.c
+++ b/src/asn1/asn1c/ROAIPAddressFamily.c
@@ -10,7 +10,7 @@
 #include "types/address.h"
 
 static json_t *
-prefix2json(char *prefix, uint8_t length)
+prefix2json(char const *prefix, uint8_t length)
 {
        json_t *root;
 
@@ -87,7 +87,7 @@ AddrBlock2json(struct ROAIPAddressFamily const *riaf, char const *ipname,
                prefix = pref2json(src);
                if (prefix == NULL)
                        goto fail;
-               if (json_array_append(addresses, prefix))
+               if (json_array_append_new(addresses, prefix))
                        goto fail;
 
                maxlen = asn_DEF_INTEGER.op->json_encoder(&asn_DEF_INTEGER, src->maxLength);

diff --git a/src/asn1/asn1c/ber_tlv_length.h b/src/asn1/asn1c/ber_tlv_length.h
index 8a5e68c73ba3062cfd1d6056613fccd2777f4ac0..133fc09823a3211d78d552c6302e7b4d5b1d8955 100644 (file)
--- a/src/asn1/asn1c/ber_tlv_length.h
+++ b/src/asn1/asn1c/ber_tlv_length.h
@@ -17,7 +17,7 @@ typedef ssize_t ber_tlv_len_t;
 
 /*
  * This function tries to fetch the length of the BER TLV value and place it
- * in *len_r.
+ * in *len_r. bufptr has to point to the TLV's length field, not the TLV.
  * RETURN VALUES:
  *      0:     More data expected than bufptr contains.
  *     -1:     Fatal error deciphering length.

diff --git a/src/extension.c b/src/extension.c
index fb2b53783809b4935702b382f2783720e113e056..d8e0042655a262ed1d3976de845ab29c0dcd6fd1 100644 (file)
--- a/src/extension.c
+++ b/src/extension.c
@@ -125,23 +125,23 @@ ku2json(void const *ext)
        if (root == NULL)
                return NULL;
 
-       if (json_object_set_new(root, "digitalSignature", json_boolean(ku->data[0] & 0x80u)) < 0)
+       if (json_object_set_new(root, "digitalSignature", json_boolean(data[0] & 0x80u)) < 0)
                goto fail;
-       if (json_object_set_new(root, "contentCommitment", json_boolean(ku->data[0] & 0x40u)) < 0)
+       if (json_object_set_new(root, "contentCommitment", json_boolean(data[0] & 0x40u)) < 0)
                goto fail;
-       if (json_object_set_new(root, "keyEncipherment", json_boolean(ku->data[0] & 0x20u)) < 0)
+       if (json_object_set_new(root, "keyEncipherment", json_boolean(data[0] & 0x20u)) < 0)
                goto fail;
-       if (json_object_set_new(root, "dataEncipherment", json_boolean(ku->data[0] & 0x10u)) < 0)
+       if (json_object_set_new(root, "dataEncipherment", json_boolean(data[0] & 0x10u)) < 0)
                goto fail;
-       if (json_object_set_new(root, "keyAgreement", json_boolean(ku->data[0] & 0x08u)) < 0)
+       if (json_object_set_new(root, "keyAgreement", json_boolean(data[0] & 0x08u)) < 0)
                goto fail;
-       if (json_object_set_new(root, "keyCertSign", json_boolean(ku->data[0] & 0x04u)) < 0)
+       if (json_object_set_new(root, "keyCertSign", json_boolean(data[0] & 0x04u)) < 0)
                goto fail;
-       if (json_object_set_new(root, "cRLSign", json_boolean(ku->data[0] & 0x02u)) < 0)
+       if (json_object_set_new(root, "cRLSign", json_boolean(data[0] & 0x02u)) < 0)
                goto fail;
-       if (json_object_set_new(root, "encipherOnly", json_boolean(ku->data[0] & 0x01u)) < 0)
+       if (json_object_set_new(root, "encipherOnly", json_boolean(data[0] & 0x01u)) < 0)
                goto fail;
-       if (json_object_set_new(root, "decipherOnly", json_boolean(ku->data[1] & 0x80u)) < 0)
+       if (json_object_set_new(root, "decipherOnly", json_boolean(data[1] & 0x80u)) < 0)
                goto fail;
 
        return root;

diff --git a/src/libcrypto_util.c b/src/libcrypto_util.c
index 82a6810277a4d8d9a4ec10b821c2fd3a67d166a7..a7f344fbaed9847dbe9f6d7d089ce118a62037e5 100644 (file)
--- a/src/libcrypto_util.c
+++ b/src/libcrypto_util.c
@@ -246,7 +246,9 @@ exts2json(const STACK_OF(X509_EXTENSION) *exts)
 {
        json_t *root;
        BIO *bio;
+       char *name;
        int i;
+       int ret;
 
        if (sk_X509_EXTENSION_num(exts) <= 0)
                return json_null();
@@ -269,14 +271,12 @@ exts2json(const STACK_OF(X509_EXTENSION) *exts)
                        BIO_free_all(bio);
                        goto fail;
                }
+               name = bio2str(bio);
 
                /* Create node, add to parent */
-               node = json_object();
-               if (node == NULL) {
-                       BIO_free_all(bio);
-                       goto fail;
-               }
-               if (json_object_set_new(root, bio2str(bio), node) < 0)
+               ret = json_object_set_new(root, name, node = json_object());
+               free(name);
+               if (ret < 0)
                        goto fail;
 
                /* Child 1: Critical */