aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorOlivier Roques <oroques+fdio@cisco.com>2020-03-11 14:20:22 +0100
committerOlivier Roques <oroques+fdio@cisco.com>2020-03-11 14:21:40 +0100
commitc564dd5c456de2d27b43cb3888d998e814abba57 (patch)
tree0c50a0d3a69baafe954057d3b6a7a7964ee4d043
parent23657bc8a770734a74f73f6d07075130a366ef00 (diff)
[HICN-546] Fix memory leak on producer side
Fix a memory leak caused during the signing of packets on the producer side by releasing the signature when signing is done. Change-Id: I352885913e3a16d03fcc77116238928edb090e01 Signed-off-by: Olivier Roques <oroques+fdio@cisco.com>
-rw-r--r--libtransport/src/security/signer.cc4
-rw-r--r--libtransport/src/security/verifier.cc16
2 files changed, 7 insertions, 13 deletions
diff --git a/libtransport/src/security/signer.cc b/libtransport/src/security/signer.cc
index 314c3ea..8a56cfa 100644
--- a/libtransport/src/security/signer.cc
+++ b/libtransport/src/security/signer.cc
@@ -162,12 +162,10 @@ void Signer::sign(Packet &packet) {
}
CryptoHash hash = hasher.finalize();
-
signature_ = parcSigner_SignDigestNoAlloc(this->signer_, hash.hash_,
packet.getSignature(),
(uint32_t)signature_length_);
PARCBuffer *buffer = parcSignature_GetSignature(signature_);
-
size_t bytes_len = parcBuffer_Remaining(buffer);
if (bytes_len > signature_length_) {
@@ -176,6 +174,8 @@ void Signer::sign(Packet &packet) {
hicn_packet_copy_header(format, &header_copy,
(hicn_header_t *)packet.packet_start_, false);
+
+ parcSignature_Release(&signature_);
}
size_t Signer::getSignatureLength() { return signature_length_; }
diff --git a/libtransport/src/security/verifier.cc b/libtransport/src/security/verifier.cc
index 19796f7..0cfbdc6 100644
--- a/libtransport/src/security/verifier.cc
+++ b/libtransport/src/security/verifier.cc
@@ -116,17 +116,10 @@ PARCKeyId *Verifier::addKeyFromCertificate(const std::string &file_name) {
}
int Verifier::verify(const Packet &packet) {
- // to initialize packet.payload_head_
+ // Initialize packet.payload_head_
const_cast<Packet *>(&packet)->separateHeaderPayload();
- bool valid = false;
-
- // initialize packet.payload_head_
- const_cast<Packet *>(&packet)->separateHeaderPayload();
- // header chain points to the IP + TCP hicn header
- // utils::MemBuf *header_chain = packet.header_head_;
- // utils::MemBuf *payload_chain = packet.payload_head_;
- // uint8_t *hicn_packet = header_chain->writableData();
Packet::Format format = packet.getFormat();
+ bool valid = false;
if (!(packet.format_ & HFO_AH)) {
throw errors::MalformedAHPacketException();
@@ -149,11 +142,12 @@ int Verifier::verify(const Packet &packet) {
int ah_payload_len = (int)packet.getSignatureSize();
uint8_t *_signature = packet.getSignature();
uint8_t *signature = new uint8_t[ah_payload_len];
+ std::shared_ptr<CryptoHasher> hasher;
+
// TODO Remove signature copy at this point, by not setting to zero
// the validation payload.
std::memcpy(signature, _signature, ah_payload_len);
- std::shared_ptr<CryptoHasher> hasher;
switch (CryptoSuite(suite)) {
case CryptoSuite::DSA_SHA256:
case CryptoSuite::RSA_SHA256:
@@ -178,7 +172,7 @@ int Verifier::verify(const Packet &packet) {
parcBuffer_Wrap(signature, ah_payload_len, 0, ah_payload_len);
parcBuffer_Rewind(bits);
- /* IF the signature algo is ECDSA, the signature might be shorter than the
+ /* If the signature algo is ECDSA, the signature might be shorter than the
* signature field */
PARCSigningAlgorithm algo = parcCryptoSuite_GetSigningAlgorithm(suite);
while (algo == PARCSigningAlgorithm_ECDSA && parcBuffer_HasRemaining(bits) &&