From c564dd5c456de2d27b43cb3888d998e814abba57 Mon Sep 17 00:00:00 2001
From: Olivier Roques
Date: Wed, 11 Mar 2020 14:20:22 +0100
Subject: [HICN-546] Fix memory leak on producer side
Fix a memory leak caused during the signing of packets on the producer side by releasing the signature when signing is done.
Change-Id: I352885913e3a16d03fcc77116238928edb090e01
Signed-off-by: Olivier Roques
---
libtransport/src/security/signer.cc | 4 ++--
libtransport/src/security/verifier.cc | 16 +++++-----------
2 files changed, 7 insertions(+), 13 deletions(-)
diff --git a/libtransport/src/security/signer.cc b/libtransport/src/security/signer.cc
index 314c3ea82..8a56cfa3d 100644
--- a/libtransport/src/security/signer.cc
+++ b/libtransport/src/security/signer.cc
@@ -162,12 +162,10 @@ void Signer::sign(Packet &packet) { } CryptoHash hash = hasher.finalize(); - signature_ = parcSigner_SignDigestNoAlloc(this->signer_, hash.hash_, packet.getSignature(), (uint32_t)signature_length_); PARCBuffer *buffer = parcSignature_GetSignature(signature_); - size_t bytes_len = parcBuffer_Remaining(buffer); if (bytes_len > signature_length_) {
@@ -176,6 +174,8 @@ void Signer::sign(Packet &packet) { hicn_packet_copy_header(format, &header_copy, (hicn_header_t *)packet.packet_start_, false); + + parcSignature_Release(&signature_); } size_t Signer::getSignatureLength() { return signature_length_; }
diff --git a/libtransport/src/security/verifier.cc b/libtransport/src/security/verifier.cc
index 19796f718..0cfbdc6f9 100644
--- a/libtransport/src/security/verifier.cc
+++ b/libtransport/src/security/verifier.cc
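Review bot: The new `parcSignature_Release(&signature_);` in the second signer.cc hunk (`@@ -176,6 +174,8 @@`) runs only when sign() reaches its last line, so any earlier exit after `parcSigner_SignDigestNoAlloc` still leaks the signature. The `if (bytes_len > signature_length_)` branch is the likely case; its body lies between the two hunks and is not visible here, but if it throws or returns it needs its own `parcSignature_Release(&signature_);` before leaving. The value returned by `parcSigner_SignDigestNoAlloc` is also handed to `parcSignature_GetSignature` with no null check in the lines shown. Since the object now lives for a single call, holding it in a local instead of the `signature_` member would also keep two sign() calls on one Signer from releasing each other's object, should a Signer ever be shared between threads.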
@@ -116,17 +116,10 @@ PARCKeyId *Verifier::addKeyFromCertificate(const std::string &file_name) { } int Verifier::verify(const Packet &packet) { - // to initialize packet.payload_head_ + // Initialize packet.payload_head_ const_cast(&packet)->separateHeaderPayload(); - bool valid = false; - - // initialize packet.payload_head_ - const_cast(&packet)->separateHeaderPayload(); - // header chain points to the IP + TCP hicn header - // utils::MemBuf *header_chain = packet.header_head_; - // utils::MemBuf *payload_chain = packet.payload_head_; - // uint8_t *hicn_packet = header_chain->writableData(); Packet::Format format = packet.getFormat(); + bool valid = false; if (!(packet.format_ & HFO_AH)) { throw errors::MalformedAHPacketException();
@@ -149,11 +142,12 @@ int Verifier::verify(const Packet &packet) { int ah_payload_len = (int)packet.getSignatureSize(); uint8_t *_signature = packet.getSignature(); uint8_t *signature = new uint8_t[ah_payload_len]; + std::shared_ptr hasher; + // TODO Remove signature copy at this point, by not setting to zero // the validation payload. std::memcpy(signature, _signature, ah_payload_len); - std::shared_ptr hasher; switch (CryptoSuite(suite)) { case CryptoSuite::DSA_SHA256: case CryptoSuite::RSA_SHA256:
@@ -178,7 +172,7 @@ int Verifier::verify(const Packet &packet) { parcBuffer_Wrap(signature, ah_payload_len, 0, ah_payload_len); parcBuffer_Rewind(bits); - /* IF the signature algo is ECDSA, the signature might be shorter than the + /* If the signature algo is ECDSA, the signature might be shorter than the * signature field */ PARCSigningAlgorithm algo = parcCryptoSuite_GetSigningAlgorithm(suite); while (algo == PARCSigningAlgorithm_ECDSA && parcBuffer_HasRemaining(bits) &&
-- cgit 1.2.3-korg
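Review bot: verify() in the first verifier.cc hunk (`@@ -116,17 +116,10 @@`) takes `const Packet &packet` but still mutates it through the `const_cast` call to `separateHeaderPayload()`, and the rewritten comment does not say so. That is undefined behaviour if a caller ever passes a Packet that was defined const, and it hides a write from anyone reasoning about sharing a packet between threads. A clearer comment would help, for example `// Mutates packet: splits header and payload so payload_head_ is set; callers must pass a non-const object`. The body of verify() continues outside this hunk.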
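Review bot: The `new uint8_t[ah_payload_len]` copy in the second verifier.cc hunk (`@@ -149,11 +142,12 @@`) remains a raw owning pointer, so an exception thrown after the allocation leaks it, the same class of bug this commit fixes in the signer. The `switch (CryptoSuite(suite))` that follows continues outside the hunk, and the matching release is not visible, so this depends on whether any branch there can throw. `ah_payload_len` is also taken from `packet.getSignatureSize()` and narrowed to `int` on a packet that has not been verified yet, with no range check visible before the allocation and the `memcpy`. Provided `parcBuffer_Wrap` does not take ownership of the array, `std::vector<uint8_t> signature(_signature, _signature + ah_payload_len);` with `signature.data()` passed to the wrap call would make the copy exception-safe, and a check that the length is positive and within the expected signature-field size belongs before it.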