diff options
author | Olivier Roques <oroques+fdio@cisco.com> | 2020-03-11 14:20:22 +0100 |
---|---|---|
committer | Olivier Roques <oroques+fdio@cisco.com> | 2020-03-11 14:21:40 +0100 |
commit | c564dd5c456de2d27b43cb3888d998e814abba57 (patch) | |
tree | 0c50a0d3a69baafe954057d3b6a7a7964ee4d043 /libtransport | |
parent | 23657bc8a770734a74f73f6d07075130a366ef00 (diff) |
[HICN-546] Fix memory leak on producer side
Fix a memory leak caused during the signing of packets on the producer side
by releasing the signature when signing is done.
Change-Id: I352885913e3a16d03fcc77116238928edb090e01
Signed-off-by: Olivier Roques <oroques+fdio@cisco.com>
Diffstat (limited to 'libtransport')
-rw-r--r-- | libtransport/src/security/signer.cc | 4 | ||||
-rw-r--r-- | libtransport/src/security/verifier.cc | 16 |
2 files changed, 7 insertions, 13 deletions
diff --git a/libtransport/src/security/signer.cc b/libtransport/src/security/signer.cc index 314c3ea82..8a56cfa3d 100644 --- a/libtransport/src/security/signer.cc +++ b/libtransport/src/security/signer.cc @@ -162,12 +162,10 @@ void Signer::sign(Packet &packet) { } CryptoHash hash = hasher.finalize(); - signature_ = parcSigner_SignDigestNoAlloc(this->signer_, hash.hash_, packet.getSignature(), (uint32_t)signature_length_); PARCBuffer *buffer = parcSignature_GetSignature(signature_); - size_t bytes_len = parcBuffer_Remaining(buffer); if (bytes_len > signature_length_) { @@ -176,6 +174,8 @@ void Signer::sign(Packet &packet) { hicn_packet_copy_header(format, &header_copy, (hicn_header_t *)packet.packet_start_, false); + + parcSignature_Release(&signature_); } size_t Signer::getSignatureLength() { return signature_length_; } diff --git a/libtransport/src/security/verifier.cc b/libtransport/src/security/verifier.cc index 19796f718..0cfbdc6f9 100644 --- a/libtransport/src/security/verifier.cc +++ b/libtransport/src/security/verifier.cc @@ -116,17 +116,10 @@ PARCKeyId *Verifier::addKeyFromCertificate(const std::string &file_name) { } int Verifier::verify(const Packet &packet) { - // to initialize packet.payload_head_ + // Initialize packet.payload_head_ const_cast<Packet *>(&packet)->separateHeaderPayload(); - bool valid = false; - - // initialize packet.payload_head_ - const_cast<Packet *>(&packet)->separateHeaderPayload(); - // header chain points to the IP + TCP hicn header - // utils::MemBuf *header_chain = packet.header_head_; - // utils::MemBuf *payload_chain = packet.payload_head_; - // uint8_t *hicn_packet = header_chain->writableData(); Packet::Format format = packet.getFormat(); + bool valid = false; if (!(packet.format_ & HFO_AH)) { throw errors::MalformedAHPacketException(); @@ -149,11 +142,12 @@ int Verifier::verify(const Packet &packet) { int ah_payload_len = (int)packet.getSignatureSize(); uint8_t *_signature = packet.getSignature(); uint8_t *signature = new uint8_t[ah_payload_len]; + std::shared_ptr<CryptoHasher> hasher; + // TODO Remove signature copy at this point, by not setting to zero // the validation payload. std::memcpy(signature, _signature, ah_payload_len); - std::shared_ptr<CryptoHasher> hasher; switch (CryptoSuite(suite)) { case CryptoSuite::DSA_SHA256: case CryptoSuite::RSA_SHA256: @@ -178,7 +172,7 @@ int Verifier::verify(const Packet &packet) { parcBuffer_Wrap(signature, ah_payload_len, 0, ah_payload_len); parcBuffer_Rewind(bits); - /* IF the signature algo is ECDSA, the signature might be shorter than the + /* If the signature algo is ECDSA, the signature might be shorter than the * signature field */ PARCSigningAlgorithm algo = parcCryptoSuite_GetSigningAlgorithm(suite); while (algo == PARCSigningAlgorithm_ECDSA && parcBuffer_HasRemaining(bits) && |