Fix more Memory leaks from the tests
* Clean all memory leaks from the RFC test
Now find out how many others exit
* Fix countersign memory leak problems.
* Clean up mbed leaks
* Undo the fix that crashed
diff --git a/include/cose/cose.h b/include/cose/cose.h
index 3416b40..8c24fb5 100644
--- a/include/cose/cose.h
+++ b/include/cose/cose.h
@@ -645,13 +645,15 @@
cn_cbor* cn_cbor_clone(const cn_cbor* pIn,
CBOR_CONTEXT_COMMA cn_cbor_errback* perr);
+#ifndef CN_CBOR_VERSION
cn_cbor* cn_cbor_tag_create(int tag,
cn_cbor* child,
CBOR_CONTEXT_COMMA cn_cbor_errback* perr);
cn_cbor* cn_cbor_bool_create(int boolValue,
CBOR_CONTEXT_COMMA cn_cbor_errback* errp);
cn_cbor* cn_cbor_null_create(CBOR_CONTEXT_COMMA cn_cbor_errback* errp);
-
+#endif
+
#ifdef __cplusplus
}
#endif
diff --git a/src/Cose.c b/src/Cose.c
index 65e830c..8c29e98 100644
--- a/src/Cose.c
+++ b/src/Cose.c
@@ -203,14 +203,13 @@
CBOR_CONTEXT_COMMA cose_errback *perr)
{
cn_cbor *cbor = NULL;
- cn_cbor *cborRoot = NULL;
cn_cbor_errback cbor_err;
HCOSE h;
CHECK_CONDITION(
(rgbData != NULL) && (ptype != NULL), COSE_ERR_INVALID_PARAMETER);
- cbor = cborRoot =
+ cbor =
cn_cbor_decode(rgbData, cbData, CBOR_CONTEXT_PARAM_COMMA & cbor_err);
CHECK_CONDITION_CBOR(cbor != NULL, cbor_err);
@@ -222,10 +221,14 @@
else {
struct_type = cbor->v.uint;
}
-
*ptype = struct_type;
- cbor = cbor->first_child;
+ cn_cbor *ptag = cbor;
+ cbor = ptag->first_child;
+ ptag->first_child = NULL;
+ ptag->last_child = NULL;
+ cbor->parent = NULL;
+ CN_CBOR_FREE(ptag, context);
}
else {
*ptype = struct_type;
@@ -233,11 +236,13 @@
CHECK_CONDITION(cbor->type == CN_CBOR_ARRAY, COSE_ERR_INVALID_PARAMETER);
+ cn_cbor *cbor2 = cbor;
+ cbor = NULL;
switch (*ptype) {
case COSE_enveloped_object:
#if INCLUDE_ENCRYPT
h = (HCOSE)_COSE_Enveloped_Init_From_Object(
- cbor, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
+ cbor2, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
if (h == NULL) {
goto errorReturn;
}
@@ -249,7 +254,7 @@
case COSE_sign_object:
#if INCLUDE_SIGN
h = (HCOSE)_COSE_Sign_Init_From_Object(
- cborRoot, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
+ cbor2, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
if (h == NULL) {
goto errorReturn;
}
@@ -261,7 +266,7 @@
case COSE_sign1_object:
#if INCLUDE_SIGN1
h = (HCOSE)_COSE_Sign1_Init_From_Object(
- cborRoot, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
+ cbor2, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
if (h == NULL) {
goto errorReturn;
}
@@ -273,7 +278,7 @@
case COSE_mac_object:
#if INCLUDE_MAC
h = (HCOSE)_COSE_Mac_Init_From_Object(
- cbor, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
+ cbor2, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
if (h == NULL) {
goto errorReturn;
}
@@ -285,7 +290,7 @@
case COSE_mac0_object:
#if INCLUDE_MAC0
h = (HCOSE)_COSE_Mac0_Init_From_Object(
- cbor, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
+ cbor2, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
if (h == NULL) {
goto errorReturn;
}
@@ -297,7 +302,7 @@
case COSE_encrypt_object:
#if INCLUDE_ENCRYPT0
h = (HCOSE)_COSE_Encrypt_Init_From_Object(
- cbor, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
+ cbor2, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
if (h == NULL) {
goto errorReturn;
}
@@ -313,7 +318,8 @@
return h;
errorReturn:
- COSE_FREE(cbor, context);
+ // M00TODO - break up the init and allocation above for memory tests.
+ CN_CBOR_FREE(cbor, context);
return NULL;
}
@@ -490,8 +496,8 @@
cbProtected = 0;
}
- pProtected = cn_cbor_data_create(
- pbProtected, cbProtected, CBOR_CONTEXT_PARAM_COMMA NULL);
+ pProtected = cn_cbor_data_create2(
+ pbProtected, cbProtected, 0, CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(pProtected != NULL, COSE_ERR_OUT_OF_MEMORY);
pbProtected = NULL;
diff --git a/src/CounterSign.c b/src/CounterSign.c
index bd6a2a8..d7fee85 100644
--- a/src/CounterSign.c
+++ b/src/CounterSign.c
@@ -234,7 +234,10 @@
CHECK_CONDITION(pkey != NULL, COSE_ERR_INVALID_PARAMETER);
COSE_CounterSign* p = (COSE_CounterSign*)h;
- p->m_signer.m_pkey = pkey;
+ if (p->m_signer.m_pkey != NULL) {
+ CN_CBOR_FREE(p->m_signer.m_pkey, &p->m_signer.m_message.m_allocContext);
+ }
+ p->m_signer.m_pkey = (cn_cbor *) pkey;
fRet = true;
errorReturn:
diff --git a/src/Encrypt.c b/src/Encrypt.c
index 5be2f27..440fcc7 100644
--- a/src/Encrypt.c
+++ b/src/Encrypt.c
@@ -350,7 +350,7 @@
if (pRecip != NULL) {
COSE_RecipientInfo *pRecipX = NULL;
- cose_errback errorLocal;
+ cose_errback errorLocal = {0};
int errorFound = 0;
for (pRecipX = pcose->m_recipientFirst; pRecipX != NULL;
@@ -1069,6 +1069,10 @@
}
#endif
+ if (pAuthData != NULL) {
+ CN_CBOR_FREE(pAuthData, context);
+ }
+
return true;
errorReturn:
diff --git a/src/MacMessage.c b/src/MacMessage.c
index 62287da..5bc59e7 100644
--- a/src/MacMessage.c
+++ b/src/MacMessage.c
@@ -883,6 +883,10 @@
COSE_FREE(pbKeyNew, context);
}
+ if (pbAuthData != NULL) {
+ COSE_FREE(pbAuthData, context);
+ }
+
return fRet;
}
#endif
diff --git a/src/Recipient.c b/src/Recipient.c
index fd5d208..dd2c307 100644
--- a/src/Recipient.c
+++ b/src/Recipient.c
@@ -146,6 +146,15 @@
}
_COSE_Enveloped_Release(&pRecipient->m_encrypt);
+ if (pRecipient->m_pkey != NULL) {
+ CN_CBOR_FREE((cn_cbor *)pRecipient->m_pkey,
+ &pRecipient->m_encrypt.m_message.m_allocContext);
+ }
+ if (pRecipient->m_pkeyStatic != NULL) {
+ CN_CBOR_FREE((cn_cbor *) pRecipient->m_pkeyStatic,
+ &pRecipient->m_encrypt.m_message.m_allocContext);
+ }
+
COSE_FREE(pRecipient, &pRecipient->m_encrypt.m_message.m_allocContext);
return;
@@ -353,6 +362,9 @@
if (pbSecret != NULL) {
COSE_FREE(pbSecret, context);
}
+ if (pbKeyX != NULL) {
+ COSE_FREE(pbKeyX, context);
+ }
return false;
}
CHECK_CONDITION(cn->type != CN_CBOR_TEXT, COSE_ERR_UNKNOWN_ALGORITHM);
@@ -756,6 +768,10 @@
break;
}
+ if (pbKeyX != NULL) {
+ COSE_FREE(pbKeyX, context);
+ }
+
return true;
}
@@ -1421,6 +1437,10 @@
CHECK_CONDITION(pKey != NULL, COSE_ERR_INVALID_PARAMETER);
p = (COSE_RecipientInfo *)h;
+ if (p->m_pkey != NULL) {
+ CN_CBOR_FREE((cn_cbor *) p->m_pkey, &p->m_encrypt.m_message.m_allocContext);
+ }
+
p->m_pkey = pKey;
return true;
@@ -1670,7 +1690,7 @@
cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
}
else {
- cnT = cn_cbor_null_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ cnT = cn_cbor_null_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
}
CHECK_CONDITION_CBOR(cnT != NULL, cbor_error);
CHECK_CONDITION_CBOR(
diff --git a/src/Sign1.c b/src/Sign1.c
index 2a59346..a9dd02d 100644
--- a/src/Sign1.c
+++ b/src/Sign1.c
@@ -388,7 +388,7 @@
CN_CBOR_FREE(cn, context);
}
if (pArray != NULL) {
- COSE_FREE(pArray, context);
+ CN_CBOR_FREE(pArray, context);
}
return true;
@@ -400,7 +400,7 @@
CN_CBOR_FREE(cn, context);
}
if (pArray != NULL) {
- COSE_FREE(pArray, context);
+ CN_CBOR_FREE(pArray, context);
}
return false;
}
diff --git a/src/SignerInfo.c b/src/SignerInfo.c
index 76b5728..1513366 100644
--- a/src/SignerInfo.c
+++ b/src/SignerInfo.c
@@ -34,6 +34,7 @@
}
_COSE_Release(&pSigner->m_message);
+ CN_CBOR_FREE(pSigner->m_pkey, &pSigner->m_message.m_allocContext);
return true;
}
diff --git a/src/cbor.c b/src/cbor.c
index 2e34d4c..83f8e90 100644
--- a/src/cbor.c
+++ b/src/cbor.c
@@ -39,12 +39,12 @@
* Replace the i-th element in the array.
* Extend the array if necessary so it has enough elements.
*
- * @param[in] cn_cbor * Array to use
- * @param[in] const cn_cbor * New item to be placed in the array
- * @param[in] int Zero based index to be used
- * @param[in] context * Context based allocation structure
- * @param[in,out] cn_cbor_errback * CBOR error return on failure
- * returns bool Did we succeed?
+ * @param[in] cb_array Array to use
+ * @param[in] cb_value New item to be placed in the array
+ * @param[in] index Zero based index to be used
+ * @param[in] CBOR_CONTEXT Context based allocation structure
+ * @param[in,out] errp CBOR error return on failure
+ * returns Did we succeed?
*/
bool cn_cbor_array_replace(cn_cbor *cb_array,
@@ -141,7 +141,7 @@
}
memcpy(sz, pIn->v.str, pIn->length);
sz[pIn->length] = 0;
- pOut = cn_cbor_string_create(sz CBOR_CONTEXT_PARAM, pcn_cbor_error);
+ pOut = cn_cbor_string_create2(sz, 0 CBOR_CONTEXT_PARAM, pcn_cbor_error);
break;
case CN_CBOR_UINT:
@@ -155,8 +155,8 @@
return NULL;
}
memcpy(pb, pIn->v.bytes, pIn->length);
- pOut = cn_cbor_data_create(
- pb, (int)pIn->length CBOR_CONTEXT_PARAM, pcn_cbor_error);
+ pOut = cn_cbor_data_create2(
+ pb, (int)pIn->length, 0 CBOR_CONTEXT_PARAM, pcn_cbor_error);
break;
default:
@@ -166,6 +166,7 @@
return pOut;
}
+#ifndef CN_CBOR_VERSION
cn_cbor *cn_cbor_tag_create(int tag,
cn_cbor *child,
CBOR_CONTEXT_COMMA cn_cbor_errback *perr)
@@ -213,6 +214,7 @@
pcn->type = CN_CBOR_NULL;
return pcn;
}
+#endif
size_t cn_cbor_encode_size(cn_cbor *object)
{
diff --git a/src/cose_int.h b/src/cose_int.h
index 23f7308..0c6dcd2 100644
--- a/src/cose_int.h
+++ b/src/cose_int.h
@@ -59,7 +59,7 @@
struct _SignerInfo {
COSE m_message;
- const cn_cbor *m_pkey;
+ cn_cbor *m_pkey;
COSE_SignerInfo *m_signerNext;
};
@@ -407,6 +407,29 @@
/// NEW CBOR FUNCTIONS
+#ifndef CN_CBOR_VERSION
+static inline cn_cbor * cn_cbor_string_create2(const char * sz, int flags, CBOR_CONTEXT_COMMA cn_cbor_errback * perr)
+{
+ return cn_cbor_string_create(sz,
+#ifdef USE_CBOR_CONTEXT
+ context,
+#endif
+ perr);
+}
+
+static inline cn_cbor *cn_cbor_data_create2(const byte *pb, int cb,
+ int flags,
+ CBOR_CONTEXT_COMMA cn_cbor_errback *perr)
+{
+ return cn_cbor_data_create(pb, cb,
+#ifdef USE_CBOR_CONTEXT
+ context,
+#endif
+ perr);
+}
+
+#endif
+
bool cn_cbor_array_replace(cn_cbor *cb_array,
cn_cbor *cb_value,
int index,
diff --git a/src/mbedtls.c b/src/mbedtls.c
index 27b9f47..4732816 100644
--- a/src/mbedtls.c
+++ b/src/mbedtls.c
@@ -127,8 +127,8 @@
CHECK_CONDITION(pbIV != NULL, COSE_ERR_OUT_OF_MEMORY);
rand_bytes(pbIV, NSize);
memcpy(rgbIV, pbIV, NSize);
- cbor_iv_t = cn_cbor_data_create(
- pbIV, NSize, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ cbor_iv_t = cn_cbor_data_create2(
+ pbIV, NSize, 0, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cbor_iv_t != NULL, cbor_error);
pbIV = NULL;
@@ -162,8 +162,8 @@
&rgbOut[pcose->cbContent], TSize),
COSE_ERR_CRYPTO_FAIL);
- cnTmp = cn_cbor_data_create(
- rgbOut, (int)pcose->cbContent + TSize, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cnTmp = cn_cbor_data_create2(
+ rgbOut, (int)pcose->cbContent + TSize, 0, CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(cnTmp != NULL, COSE_ERR_CBOR);
rgbOut = NULL;
@@ -315,8 +315,8 @@
CHECK_CONDITION(pbIV != NULL, COSE_ERR_OUT_OF_MEMORY);
rand_bytes(pbIV, 96 / 8);
memcpy(rgbIV, pbIV, 96 / 8);
- cbor_iv_t = cn_cbor_data_create(
- pbIV, 96 / 8, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ cbor_iv_t = cn_cbor_data_create2(
+ pbIV, 96 / 8, 0, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cbor_iv_t != NULL, cbor_error);
pbIV = NULL;
@@ -365,8 +365,8 @@
mbedtls_gcm_finish(&ctx, &rgbOut[pcose->cbContent], 128 / 8),
COSE_ERR_CRYPTO_FAIL);
- cn_cbor *cnTmp = cn_cbor_data_create(
- rgbOut, (int)pcose->cbContent + 128 / 8, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor *cnTmp = cn_cbor_data_create2(
+ rgbOut, (int)pcose->cbContent + 128 / 8, 0, CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(cnTmp != NULL, COSE_ERR_CBOR);
rgbOut = NULL;
CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cnTmp, INDEX_BODY,
@@ -374,6 +374,10 @@
COSE_ERR_CBOR);
mbedtls_gcm_free(&ctx);
+
+ if (pbIV != NULL) {
+ COSE_FREE(pbIV, context);
+ }
return true;
errorReturn:
@@ -521,6 +525,7 @@
mbedtls_md_context_t contx;
const char *md_name;
const struct mbedtls_md_info_t *info;
+ cn_cbor *cbor = NULL;
#ifdef USE_CBOR_CONTEXT
cn_cbor_context *context = &pcose->m_message.m_allocContext;
@@ -543,6 +548,9 @@
if (0) {
errorReturn:
+ if (cbor != NULL) {
+ COSE_FREE(cbor, context);
+ }
COSE_FREE(rgbOut, context);
mbedtls_md_free(&contx);
return false;
@@ -562,10 +570,12 @@
CHECK_CONDITION(
!(mbedtls_md_hmac_finish(&contx, rgbOut)), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(_COSE_array_replace(&pcose->m_message,
- cn_cbor_data_create(
- rgbOut, TSize / 8, CBOR_CONTEXT_PARAM_COMMA NULL),
- INDEX_MAC_TAG, CBOR_CONTEXT_PARAM_COMMA NULL),
+ cbor = cn_cbor_data_create2(
+ rgbOut, TSize / 8, 0, CBOR_CONTEXT_PARAM_COMMA NULL);
+ CHECK_CONDITION(cbor != NULL, COSE_ERR_OUT_OF_MEMORY);
+ rgbOut = NULL;
+ CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cbor, INDEX_MAC_TAG,
+ CBOR_CONTEXT_PARAM_COMMA NULL),
COSE_ERR_CBOR);
mbedtls_md_free(&contx);
@@ -633,10 +643,14 @@
f |= (cn->v.bytes[i] != rgbOut[i]);
}
+ COSE_FREE(rgbOut, context);
mbedtls_md_free(&contx);
return !f;
errorReturn:
+ if (rgbOut != NULL) {
+ COSE_FREE(rgbOut, context);
+ }
COSE_FREE(rgbOut, context);
mbedtls_md_free(&contx);
return false;
@@ -1188,8 +1202,8 @@
CHECK_CONDITION(pbsecret != NULL, COSE_ERR_OUT_OF_MEMORY);
memcpy(pbsecret, buff + 1, cbSize);
- p = cn_cbor_data_create(
- pbsecret, (int)cbSize, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ p = cn_cbor_data_create2(
+ pbsecret, (int)cbSize, 0, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(p != NULL, cbor_error);
pbsecret = NULL;
CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_X, p,
@@ -1201,9 +1215,10 @@
CHECK_CONDITION(pbsecret != NULL, COSE_ERR_OUT_OF_MEMORY);
memcpy(pbsecret, buff + 1 + cbSize, cbSize);
- p = cn_cbor_data_create(
- pbsecret, cbSize, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ p = cn_cbor_data_create2(
+ pbsecret, cbSize, 0, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(p != NULL, cbor_error);
+ pbsecret = NULL;
CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Y, p,
CBOR_CONTEXT_PARAM_COMMA & cbor_error),
cbor_error);
diff --git a/src/openssl.c b/src/openssl.c
index b1ace50..a050b6a 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -216,8 +216,8 @@
CHECK_CONDITION(pbIV != NULL, COSE_ERR_OUT_OF_MEMORY);
rand_bytes(pbIV, NSize);
memcpy(rgbIV, pbIV, NSize);
- cbor_iv_t = cn_cbor_data_create(
- pbIV, NSize, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ cbor_iv_t = cn_cbor_data_create2(
+ pbIV, NSize, 0, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cbor_iv_t != NULL, cbor_error);
pbIV = NULL;
@@ -272,8 +272,8 @@
&rgbOut[pcose->cbContent]),
COSE_ERR_CRYPTO_FAIL);
- cnTmp = cn_cbor_data_create(
- rgbOut, (int)pcose->cbContent + TSize, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cnTmp = cn_cbor_data_create2(
+ rgbOut, (int)pcose->cbContent + TSize, 0, CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(cnTmp != NULL, COSE_ERR_CBOR);
rgbOut = NULL;
@@ -447,8 +447,8 @@
CHECK_CONDITION(pbIV != NULL, COSE_ERR_OUT_OF_MEMORY);
rand_bytes(pbIV, 96 / 8);
memcpy(rgbIV, pbIV, 96 / 8);
- cbor_iv_t = cn_cbor_data_create(
- pbIV, 96 / 8, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ cbor_iv_t = cn_cbor_data_create2(
+ pbIV, 96 / 8, 0, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cbor_iv_t != NULL, cbor_error);
pbIV = NULL;
@@ -509,8 +509,8 @@
&rgbOut[pcose->cbContent]),
COSE_ERR_CRYPTO_FAIL);
- cn_cbor *cnTmp = cn_cbor_data_create(
- rgbOut, (int)pcose->cbContent + 128 / 8, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor *cnTmp = cn_cbor_data_create2(
+ rgbOut, (int)pcose->cbContent + 128 / 8, 0, CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(cnTmp != NULL, COSE_ERR_CBOR);
rgbOut = NULL;
CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cnTmp, INDEX_BODY,
@@ -518,6 +518,10 @@
COSE_ERR_CBOR);
EVP_CIPHER_CTX_free(ctx);
+
+ if (pbIV != NULL) {
+ COSE_FREE(pbIV, context);
+ }
return true;
errorReturn:
@@ -592,7 +596,7 @@
COSE_ERR_CRYPTO_FAIL);
}
- cn = cn_cbor_data_create(rgbOut, TSize / 8, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn = cn_cbor_data_create2(rgbOut, TSize / 8, 0, CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(cn != NULL, COSE_ERR_OUT_OF_MEMORY);
rgbOut = NULL;
@@ -943,6 +947,7 @@
const EVP_MD *pmd = NULL;
byte *rgbOut = NULL;
unsigned int cbOut;
+ cn_cbor *cbor = NULL;
#ifdef USE_CBOR_CONTEXT
cn_cbor_context *context = &pcose->m_message.m_allocContext;
#endif
@@ -953,6 +958,9 @@
if (0) {
errorReturn:
COSE_FREE(rgbOut, context);
+ if (cbor != NULL) {
+ COSE_FREE(cbor, context);
+ }
HMAC_CTX_free(ctx);
return false;
}
@@ -981,9 +989,10 @@
HMAC_Update(ctx, pbAuthData, cbAuthData), COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION(HMAC_Final(ctx, rgbOut, &cbOut), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(_COSE_array_replace(&pcose->m_message,
- cn_cbor_data_create(
- rgbOut, TSize / 8, CBOR_CONTEXT_PARAM_COMMA NULL),
+cbor = cn_cbor_data_create2(rgbOut, TSize / 8, 0, CBOR_CONTEXT_PARAM_COMMA NULL);
+ CHECK_CONDITION(cbor != NULL, COSE_ERR_OUT_OF_MEMORY);
+
+ CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cbor,
INDEX_MAC_TAG, CBOR_CONTEXT_PARAM_COMMA NULL),
COSE_ERR_CBOR);
@@ -1000,7 +1009,7 @@
size_t cbAuthData,
cose_errback *perr)
{
- HMAC_CTX *ctx;
+ HMAC_CTX *ctx = NULL;
const EVP_MD *pmd = NULL;
byte *rgbOut = NULL;
unsigned int cbOut;
@@ -1047,11 +1056,14 @@
f |= (cn->v.bytes[i] != rgbOut[i]);
}
+ COSE_FREE(rgbOut, context);
HMAC_CTX_free(ctx);
return !f;
errorReturn:
- COSE_FREE(rgbOut, context);
+ if (rgbOut != NULL) {
+ COSE_FREE(rgbOut, context);
+ }
HMAC_CTX_free(ctx);
return false;
}
@@ -1158,6 +1170,7 @@
cn_cbor *p = NULL;
cn_cbor_errback cbor_error;
const EC_POINT *pPoint;
+ byte *pbPoint = NULL;
size_t cbSize;
byte *pbOut = NULL;
@@ -1196,27 +1209,32 @@
cbSize = EC_POINT_point2oct(
pgroup, pPoint, POINT_CONVERSION_COMPRESSED, NULL, 0, NULL);
CHECK_CONDITION(cbSize > 0, COSE_ERR_CRYPTO_FAIL);
- pbOut = COSE_CALLOC(cbSize, 1, context);
- CHECK_CONDITION(pbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
+ pbPoint = COSE_CALLOC(cbSize, 1, context);
+ CHECK_CONDITION(pbPoint != NULL, COSE_ERR_OUT_OF_MEMORY);
CHECK_CONDITION(
EC_POINT_point2oct(pgroup, pPoint, POINT_CONVERSION_COMPRESSED,
- pbOut, cbSize, NULL) == cbSize,
+ pbPoint, cbSize, NULL) == cbSize,
COSE_ERR_CRYPTO_FAIL);
}
else {
cbSize = EC_POINT_point2oct(
pgroup, pPoint, POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL);
CHECK_CONDITION(cbSize > 0, COSE_ERR_CRYPTO_FAIL);
- pbOut = COSE_CALLOC(cbSize, 1, context);
- CHECK_CONDITION(pbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
+ pbPoint = COSE_CALLOC(cbSize, 1, context);
+ CHECK_CONDITION(pbPoint != NULL, COSE_ERR_OUT_OF_MEMORY);
CHECK_CONDITION(
EC_POINT_point2oct(pgroup, pPoint, POINT_CONVERSION_UNCOMPRESSED,
- pbOut, cbSize, NULL) == cbSize,
+ pbPoint, cbSize, NULL) == cbSize,
COSE_ERR_CRYPTO_FAIL);
}
- p = cn_cbor_data_create(
- pbOut + 1, (int)(cbSize / 2), CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+
+ pbOut = COSE_CALLOC((int)(cbSize / 2), 1, context);
+ CHECK_CONDITION(pbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
+ memcpy(pbOut, pbPoint + 1, (int)(cbSize / 2));
+ p = cn_cbor_data_create2(
+ pbOut, (int)(cbSize / 2), 0, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(p != NULL, cbor_error);
+ pbOut = NULL;
CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_X, p,
CBOR_CONTEXT_PARAM_COMMA & cbor_error),
cbor_error);
@@ -1224,7 +1242,7 @@
if (FUseCompressed) {
p = cn_cbor_bool_create(
- pbOut[0] & 1, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ pbPoint[0] & 1, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(p != NULL, cbor_error);
CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Y, p,
CBOR_CONTEXT_PARAM_COMMA & cbor_error),
@@ -1232,10 +1250,13 @@
p = NULL;
}
else {
- p = cn_cbor_data_create(pbOut + cbSize / 2 + 1, (int)(cbSize / 2),
+ pbOut = COSE_CALLOC((int)(cbSize / 2), 1, context);
+ CHECK_CONDITION(pbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
+ memcpy(pbOut, pbPoint + cbSize / 2 + 1, (int)(cbSize / 2));
+ p = cn_cbor_data_create2(pbOut, (int)(cbSize / 2), 0,
CBOR_CONTEXT_PARAM_COMMA & cbor_error);
- pbOut = NULL; // It is already part of the other one.
CHECK_CONDITION_CBOR(p != NULL, cbor_error);
+ pbOut = NULL;
CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Y, p,
CBOR_CONTEXT_PARAM_COMMA & cbor_error),
cbor_error);
@@ -1251,6 +1272,9 @@
p = NULL;
returnHere:
+ if (pbPoint != NULL) {
+ COSE_FREE(pbPoint, context);
+ }
if (pbOut != NULL) {
COSE_FREE(pbOut, context);
}
@@ -1351,8 +1375,8 @@
CHECK_CONDITION(cb <= cbR, COSE_ERR_INVALID_PARAMETER);
memcpy(pbSig + 2 * cbR - cb, rgbSig, cb);
- p = cn_cbor_data_create(
- pbSig, cbR * 2, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ p = cn_cbor_data_create2(
+ pbSig, cbR * 2, 0, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(p != NULL, cbor_error);
CHECK_CONDITION(
@@ -1527,8 +1551,8 @@
EVP_DigestSign(mdCtx, pbSig, &cb2, rgbToSign, cbToSign) == 1,
COSE_ERR_CRYPTO_FAIL);
- p = cn_cbor_data_create(
- pbSig, (int)cb2, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ p = cn_cbor_data_create2(
+ pbSig, (int)cb2, 0, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION(p != NULL, COSE_ERR_OUT_OF_MEMORY);
pbSig = NULL;
@@ -1669,8 +1693,8 @@
CHECK_CONDITION(AES_wrap_key(&key, NULL, pbOut, pbContent, cbContent),
COSE_ERR_CRYPTO_FAIL);
- cnTmp = cn_cbor_data_create(
- pbOut, (int)cbContent + 8, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cnTmp = cn_cbor_data_create2(
+ pbOut, (int)cbContent + 8, 0, CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(cnTmp != NULL, COSE_ERR_CBOR);
pbOut = NULL;
CHECK_CONDITION(_COSE_array_replace(&pcose->m_encrypt.m_message, cnTmp,
diff --git a/test/context.c b/test/context.c
index 881517e..3f38d11 100644
--- a/test/context.c
+++ b/test/context.c
@@ -91,12 +91,25 @@
{
MyItem *pb = (MyItem *)((byte *)ptr - sizeof(MyItem) + 4);
MyContext *myContext = (MyContext *)context;
+ MyItem *pItem = NULL;
CheckMemory(myContext);
if (ptr == NULL) {
return;
}
+ for (pItem = (MyItem *)myContext->pFirst; pItem != NULL;
+ pItem = pItem->pNext) {
+ if (pItem == pb) {
+ break;
+ }
+ }
+
+ if (pItem == NULL) {
+ // Not an item we allocated
+ assert(false);
+ }
+
memset(&pb->pad, 0xab, pb->size + 8);
}
diff --git a/test/encrypt.c b/test/encrypt.c
index c451310..5ebe131 100644
--- a/test/encrypt.c
+++ b/test/encrypt.c
@@ -233,7 +233,6 @@
}
}
- CN_CBOR_FREE(pkeyCountersign, context);
COSE_CounterSign_Free(h);
}
}
@@ -307,7 +306,6 @@
}
}
- CN_CBOR_FREE(pkeyCountersign, context);
COSE_CounterSign_Free(h);
}
}
@@ -758,9 +756,10 @@
cn_cbor *pcnEncoded)
{
const cn_cbor *pInput = cn_cbor_mapget_string(pControl, "input");
- const cn_cbor *pFail;
- const cn_cbor *pEncrypt;
- const cn_cbor *pRecipients;
+ const cn_cbor *pFail = NULL;
+ const cn_cbor *pEncrypt = NULL;
+ const cn_cbor *pRecipients = NULL;
+ cn_cbor *pkey = NULL;
HCOSE_ENCRYPT hEnc = NULL;
int type;
bool fFail = false;
@@ -817,7 +816,7 @@
goto returnError;
}
- cn_cbor *pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), true);
+ pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), true);
if (pkey == NULL) {
goto returnError;
}
@@ -929,7 +928,6 @@
}
}
- CN_CBOR_FREE(pkeyCountersign, context);
COSE_CounterSign_Free(h);
}
}
@@ -939,6 +937,9 @@
if (hEnc != NULL) {
COSE_Encrypt_Free(hEnc);
}
+ if (pkey != NULL) {
+ CN_CBOR_FREE(pkey, context);
+ }
if (fAlgSupport) {
if (fFailBody) {
@@ -990,6 +991,7 @@
int BuildEncryptMessage(const cn_cbor *pControl)
{
+ cn_cbor *pkey = NULL;
//
// We don't run this for all control sequences - skip those marked fail.
//
@@ -1032,7 +1034,7 @@
}
pRecipients = pRecipients->first_child;
- cn_cbor *pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), false);
+ pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), false);
if (pkey == NULL) {
goto returnError;
}
@@ -1093,6 +1095,11 @@
COSE_Encrypt_Free(hEncObj);
int f = _ValidateEncrypt(pControl, rgb, cb, NULL);
+
+ if (pkey != NULL) {
+ CN_CBOR_FREE(pkey, context);
+ }
+
free(rgb);
return f;
@@ -1101,6 +1108,10 @@
COSE_Encrypt_Free(hEncObj);
}
+ if (pkey != NULL) {
+ CN_CBOR_FREE(pkey, context);
+ }
+
CFails += 1;
return 1;
}
diff --git a/test/mac_test.c b/test/mac_test.c
index 45a98c3..17021d7 100644
--- a/test/mac_test.c
+++ b/test/mac_test.c
@@ -207,7 +207,6 @@
}
}
- CN_CBOR_FREE(pkeyCountersign, context);
COSE_CounterSign_Free(h);
}
}
@@ -284,7 +283,6 @@
}
}
- CN_CBOR_FREE(pkeyCountersign, context);
COSE_CounterSign_Free(h);
}
}
@@ -625,10 +623,11 @@
size_t cbEncoded)
{
const cn_cbor *pInput = cn_cbor_mapget_string(pControl, "input");
- const cn_cbor *pFail;
- const cn_cbor *pMac;
- const cn_cbor *pRecipients;
- HCOSE_MAC0 hMAC;
+ const cn_cbor *pFail = NULL;
+ const cn_cbor *pMac = NULL;
+ const cn_cbor *pRecipients = NULL;
+ cn_cbor *pkey = NULL;
+ HCOSE_MAC0 hMAC = NULL;
int type;
bool fFail = false;
bool fFailBody = false;
@@ -669,7 +668,7 @@
pRecipients = pRecipients->first_child;
- cn_cbor *pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), true);
+ pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), true);
if (pkey == NULL) {
fFail = true;
goto exitHere;
@@ -771,7 +770,6 @@
}
}
- CN_CBOR_FREE(pkeyCountersign, context);
COSE_CounterSign_Free(h);
}
}
@@ -787,6 +785,9 @@
}
exitHere:
+ if (pkey != NULL) {
+ CN_CBOR_FREE(pkey, context);
+ }
if (hMAC != NULL) {
COSE_Mac0_Free(hMAC);
}
@@ -814,6 +815,8 @@
int BuildMac0Message(const cn_cbor *pControl)
{
+ cn_cbor *pkey = NULL;
+
//
// We don't run this for all control sequences - skip those marked fail.
//
@@ -852,7 +855,7 @@
pRecipients = pRecipients->first_child;
- cn_cbor *pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), false);
+ pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), false);
if (pkey == NULL) {
goto returnError;
}
@@ -910,6 +913,7 @@
cb = COSE_Encode((HCOSE)hMacObj, rgb, 0, cb);
COSE_Mac0_Free(hMacObj);
+ CN_CBOR_FREE(pkey, context);
int f = _ValidateMac0(pControl, rgb, cb);
@@ -917,6 +921,9 @@
return f;
returnError:
+ if (pkey != NULL) {
+ CN_CBOR_FREE(pkey, context);
+ }
COSE_Mac0_Free(hMacObj);
CFails += 1;
return 1;
diff --git a/test/sign.c b/test/sign.c
index 8f2fb9e..603b80a 100644
--- a/test/sign.c
+++ b/test/sign.c
@@ -185,7 +185,6 @@
}
}
- CN_CBOR_FREE(pkeyCountersign, context);
COSE_CounterSign_Free(h);
}
}
@@ -260,7 +259,6 @@
}
}
- CN_CBOR_FREE(pkeyCountersign, context);
COSE_CounterSign_Free(h);
}
}
@@ -589,7 +587,8 @@
const cn_cbor *pInput = cn_cbor_mapget_string(pControl, "input");
const cn_cbor *pFail;
const cn_cbor *pSign;
- HCOSE_SIGN1 hSig;
+ HCOSE_SIGN1 hSig = NULL;
+ cn_cbor *pkey = NULL;
int type;
bool fFail = false;
bool fFailBody = false;
@@ -624,7 +623,7 @@
goto returnError;
}
- cn_cbor *pkey = BuildKey(cn_cbor_mapget_string(pSign, "key"), false);
+ pkey = BuildKey(cn_cbor_mapget_string(pSign, "key"), false);
if (pkey == NULL) {
fFail = true;
goto exitHere;
@@ -723,7 +722,6 @@
}
}
- CN_CBOR_FREE(pkeyCountersign, context);
COSE_CounterSign_Free(h);
}
}
@@ -746,6 +744,9 @@
if (fFail) {
CFails += 1;
}
+ if (pkey != NULL) {
+ CN_CBOR_FREE(pkey, context);
+ }
return fNoAlgSupport ? 0 : 1;
returnError:
@@ -767,6 +768,7 @@
int BuildSign1Message(const cn_cbor *pControl)
{
+ cn_cbor *pkey = NULL;
//
// We don't run this for all control sequences - skip those marked fail.
//
@@ -798,7 +800,7 @@
goto returnError;
}
- cn_cbor *pkey = BuildKey(cn_cbor_mapget_string(pSign, "key"), false);
+ pkey = BuildKey(cn_cbor_mapget_string(pSign, "key"), false);
if (pkey == NULL) {
goto returnError;
}
@@ -855,6 +857,9 @@
cb = COSE_Encode((HCOSE)hSignObj, rgb, 0, cb);
COSE_Sign1_Free(hSignObj);
+ if (pkey != NULL) {
+ CN_CBOR_FREE(pkey, context);
+ }
int f = _ValidateSign1(pControl, rgb, cb);
@@ -865,6 +870,9 @@
if (hSignObj != NULL) {
COSE_Sign1_Free(hSignObj);
}
+ if (pkey != NULL) {
+ CN_CBOR_FREE(pkey, context);
+ }
CFails += 1;
return 1;
}
diff --git a/test/test.c b/test/test.c
index 6a794ef..ce712fa 100644
--- a/test/test.c
+++ b/test/test.c
@@ -121,6 +121,7 @@
byte* FromHex(const char* rgch, int cch)
{
+ // M00BUG - Why is this using malloc? It does not get freed anyplace.
byte* pb = malloc(cch / 2);
const char* pb2 = rgch;
@@ -499,7 +500,7 @@
cn_cbor* pExternal = cn_cbor_mapget_string(pIn, "external");
if (pExternal != NULL) {
- cn_cbor* pcn = cn_cbor_clone(pExternal, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor* pcn = pExternal;
if (pcn == NULL) {
goto returnError;
}
@@ -594,11 +595,12 @@
cn_cbor* pExternal = cn_cbor_mapget_string(pIn, "external");
if (pExternal != NULL) {
- cn_cbor* pcn = cn_cbor_clone(pExternal, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor* pcn = pExternal;
if (pcn == NULL) {
goto returnError;
}
switch (base) {
+
#if INCLUDE_ENCRYPT0
case Attributes_Encrypt_protected:
if (!COSE_Encrypt_SetExternal((HCOSE_ENCRYPT)hMsg,
