Cleaned up location of init and free for some programs to prevent memory
leaks on incorrect arguments
diff --git a/programs/hash/md5sum.c b/programs/hash/md5sum.c
index ede3c45..ed0d437 100644
--- a/programs/hash/md5sum.c
+++ b/programs/hash/md5sum.c
@@ -136,6 +136,8 @@
n = sizeof( line );
}
+ fclose( f );
+
if( nb_err1 != 0 )
{
printf( "WARNING: %d (out of %d) input files could "
diff --git a/programs/hash/sha1sum.c b/programs/hash/sha1sum.c
index c20323d..e0ffa46 100644
--- a/programs/hash/sha1sum.c
+++ b/programs/hash/sha1sum.c
@@ -136,6 +136,8 @@
n = sizeof( line );
}
+ fclose( f );
+
if( nb_err1 != 0 )
{
printf( "WARNING: %d (out of %d) input files could "
diff --git a/programs/hash/sha2sum.c b/programs/hash/sha2sum.c
index c01bb1c..f731c3c 100644
--- a/programs/hash/sha2sum.c
+++ b/programs/hash/sha2sum.c
@@ -136,6 +136,8 @@
n = sizeof( line );
}
+ fclose( f );
+
if( nb_err1 != 0 )
{
printf( "WARNING: %d (out of %d) input files could "
diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c
index 51da9ab..12b2eff 100644
--- a/programs/pkey/dh_client.c
+++ b/programs/pkey/dh_client.c
@@ -275,7 +275,9 @@
exit:
- net_close( server_fd );
+ if( server_fd != -1 )
+ net_close( server_fd );
+
rsa_free( &rsa );
dhm_free( &dhm );
diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c
index b111991..e349140 100644
--- a/programs/pkey/dh_genprime.c
+++ b/programs/pkey/dh_genprime.c
@@ -69,6 +69,7 @@
((void) argv);
mpi_init( &G ); mpi_init( &P ); mpi_init( &Q );
+ entropy_init( &entropy );
if( ( ret = mpi_read_string( &G, 10, GENERATOR ) ) != 0 )
{
@@ -86,7 +87,6 @@
printf( "\n . Seeding the random number generator..." );
fflush( stdout );
- entropy_init( &entropy );
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
(const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c
index fb9c082..c948233 100644
--- a/programs/pkey/dh_server.c
+++ b/programs/pkey/dh_server.c
@@ -276,7 +276,9 @@
exit:
- net_close( client_fd );
+ if( client_fd != -1 )
+ net_close( client_fd );
+
rsa_free( &rsa );
dhm_free( &dhm );
diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c
index 17e772a..24c083e 100644
--- a/programs/pkey/rsa_sign_pss.c
+++ b/programs/pkey/rsa_sign_pss.c
@@ -62,7 +62,7 @@
int main( int argc, char *argv[] )
{
FILE *f;
- int ret;
+ int ret = 1;
rsa_context rsa;
entropy_context entropy;
ctr_drbg_context ctr_drbg;
@@ -71,7 +71,8 @@
char filename[512];
const char *pers = "rsa_sign_pss";
- ret = 1;
+ entropy_init( &entropy );
+ rsa_init( &rsa, RSA_PKCS_V21, POLARSSL_MD_SHA1 );
if( argc != 3 )
{
@@ -87,7 +88,6 @@
printf( "\n . Seeding the random number generator..." );
fflush( stdout );
- entropy_init( &entropy );
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
(const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
@@ -99,8 +99,6 @@
printf( "\n . Reading private key from '%s'", argv[1] );
fflush( stdout );
- rsa_init( &rsa, RSA_PKCS_V21, POLARSSL_MD_SHA1 );
-
if( ( ret = x509parse_keyfile( &rsa, argv[1], "" ) ) != 0 )
{
ret = 1;
diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c
index b77fbca..2de6eab 100644
--- a/programs/pkey/rsa_verify_pss.c
+++ b/programs/pkey/rsa_verify_pss.c
@@ -59,14 +59,15 @@
int main( int argc, char *argv[] )
{
FILE *f;
- int ret;
+ int ret = 1;
size_t i;
rsa_context rsa;
unsigned char hash[20];
unsigned char buf[POLARSSL_MPI_MAX_SIZE];
char filename[512];
- ret = 1;
+ rsa_init( &rsa, RSA_PKCS_V21, POLARSSL_MD_SHA1 );
+
if( argc != 3 )
{
printf( "usage: rsa_verify_pss <key_file> <filename>\n" );
@@ -81,8 +82,6 @@
printf( "\n . Reading public key from '%s'", argv[1] );
fflush( stdout );
- rsa_init( &rsa, RSA_PKCS_V21, POLARSSL_MD_SHA1 );
-
if( ( ret = x509parse_public_keyfile( &rsa, argv[1] ) ) != 0 )
{
printf( " failed\n ! x509parse_public_key returned %d\n\n", ret );
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index eefb099..d629bd8 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -279,8 +279,10 @@
}
#endif
+ if( server_fd != -1 )
+ net_close( server_fd );
+
x509_free( &cacert );
- net_close( server_fd );
ssl_free( &ssl );
memset( &ssl, 0, sizeof( ssl ) );
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 76c782b..7e489da 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -110,6 +110,12 @@
((void) argc);
((void) argv);
+ memset( &ssl, 0, sizeof(ssl_context) );
+
+ entropy_init( &entropy );
+ rsa_init( &rsa, RSA_PKCS_V15, 0 );
+ memset( &srvcert, 0, sizeof( x509_cert ) );
+
signal( SIGCHLD, SIG_IGN );
/*
@@ -118,7 +124,6 @@
printf( "\n . Initial seeding of the random generator..." );
fflush( stdout );
- entropy_init( &entropy );
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
(const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
@@ -135,8 +140,6 @@
printf( " . Loading the server cert. and key..." );
fflush( stdout );
- memset( &srvcert, 0, sizeof( x509_cert ) );
-
/*
* This demonstration program uses embedded test certificates.
* Instead, you may want to use x509parse_crtfile() to read the
@@ -158,7 +161,6 @@
goto exit;
}
- rsa_init( &rsa, RSA_PKCS_V15, 0 );
ret = x509parse_key( &rsa, (const unsigned char *) test_srv_key,
strlen( test_srv_key ), NULL, 0 );
if( ret != 0 )
@@ -248,7 +250,7 @@
printf( " failed\n ! ctr_drbg_reseed returned %d\n", ret );
goto exit;
}
-
+
if( ( ret = ssl_init( &ssl ) ) != 0 )
{
printf( " failed\n ! ssl_init returned %d\n\n", ret );
@@ -362,7 +364,9 @@
exit:
- net_close( client_fd );
+ if( client_fd != -1 )
+ net_close( client_fd );
+
x509_free( &srvcert );
rsa_free( &rsa );
ssl_free( &ssl );
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index a4247da..87e9ef2 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -101,9 +101,13 @@
((void) argc);
((void) argv);
+ memset( &ssl, 0, sizeof(ssl_context) );
#if defined(POLARSSL_SSL_CACHE_C)
ssl_cache_init( &cache );
#endif
+ memset( &srvcert, 0, sizeof( x509_cert ) );
+ rsa_init( &rsa, RSA_PKCS_V15, 0 );
+ entropy_init( &entropy );
/*
* 1. Load the certificates and private RSA key
@@ -111,8 +115,6 @@
printf( "\n . Loading the server cert. and key..." );
fflush( stdout );
- memset( &srvcert, 0, sizeof( x509_cert ) );
-
/*
* This demonstration program uses embedded test certificates.
* Instead, you may want to use x509parse_crtfile() to read the
@@ -134,7 +136,6 @@
goto exit;
}
- rsa_init( &rsa, RSA_PKCS_V15, 0 );
ret = x509parse_key( &rsa, (const unsigned char *) test_srv_key,
strlen( test_srv_key ), NULL, 0 );
if( ret != 0 )
@@ -165,7 +166,6 @@
printf( " . Seeding the random number generator..." );
fflush( stdout );
- entropy_init( &entropy );
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
(const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
@@ -353,7 +353,9 @@
}
#endif
- net_close( client_fd );
+ if( client_fd != -1 )
+ net_close( client_fd );
+
x509_free( &srvcert );
rsa_free( &rsa );
ssl_free( &ssl );
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 5734088..5be6d6c 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -712,7 +712,10 @@
}
#endif
- net_close( client_fd );
+
+ if( client_fd != -1 )
+ net_close( client_fd );
+
x509_free( &srvcert );
x509_free( &cacert );
rsa_free( &rsa );
diff --git a/programs/test/ssl_test.c b/programs/test/ssl_test.c
index 04adf29..3e38e66 100644
--- a/programs/test/ssl_test.c
+++ b/programs/test/ssl_test.c
@@ -172,7 +172,11 @@
ret = 1;
+ memset( &ssl, 0, sizeof(ssl_context) );
entropy_init( &entropy );
+ memset( &srvcert, 0, sizeof( x509_cert ) );
+ memset( &rsa, 0, sizeof( rsa_context ) );
+
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
(const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
@@ -186,9 +190,6 @@
memset( read_state, 0, sizeof( read_state ) );
memset( write_state, 0, sizeof( write_state ) );
- memset( &srvcert, 0, sizeof( x509_cert ) );
- memset( &rsa, 0, sizeof( rsa_context ) );
-
if( opt->opmode == OPMODE_CLIENT )
{
if( ( ret = net_connect( &client_fd, opt->server_name,
@@ -201,7 +202,7 @@
if( ( ret = ssl_init( &ssl ) ) != 0 )
{
printf( " ! ssl_init returned %d\n\n", ret );
- return( ret );
+ goto exit;
}
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
@@ -408,7 +409,9 @@
x509_free( &srvcert );
rsa_free( &rsa );
ssl_free( &ssl );
- net_close( client_fd );
+
+ if( client_fd != -1 )
+ net_close( client_fd );
return( ret );
}