diff options
author | Pascal Quantin <pascal.quantin@gmail.com> | 2018-05-28 15:14:56 +0200 |
---|---|---|
committer | Anders Broman <a.broman58@gmail.com> | 2018-05-29 07:07:35 +0000 |
commit | f59272dd8fc0134d4915dd1330460785da259feb (patch) | |
tree | 979ca6f08460ce08d48e46b88cc86560b83cad6d /epan/dissectors/packet-ipsec.c | |
parent | 338604ad9ec9d0fa6d49626e82f58c84d519fb93 (diff) |
ESP: fix a memory leak in UAT management
When updating a SA, ensure to free the previous key before
allocating a new one.
Change-Id: I9e5486c8214d7ce2ea60dd52f9a10f9cfe2a1d20
Reviewed-on: https://code.wireshark.org/review/27870
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-ipsec.c')
-rw-r--r-- | epan/dissectors/packet-ipsec.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/epan/dissectors/packet-ipsec.c b/epan/dissectors/packet-ipsec.c index a2c38e327e..cf46c00e4d 100644 --- a/epan/dissectors/packet-ipsec.c +++ b/epan/dissectors/packet-ipsec.c @@ -300,6 +300,7 @@ compute_ascii_key(gchar **ascii_key, const gchar *key) else if((raw_key_len == 2) && (key[0] == '0') && ((key[1] == 'x') || (key[1] == 'X'))) { + *ascii_key = NULL; return 0; } else @@ -317,15 +318,20 @@ static gboolean uat_esp_sa_record_update_cb(void* r, char** err _U_) { uat_esp_sa_record_t* rec = (uat_esp_sa_record_t *)r; /* Compute keys & lengths once and for all */ + g_free(rec->encryption_key); + if (rec->cipher_hd_created) { + gcry_cipher_close(rec->cipher_hd); + rec->cipher_hd_created = FALSE; + } if (rec->encryption_key_string) { rec->encryption_key_length = compute_ascii_key(&rec->encryption_key, rec->encryption_key_string); - rec->cipher_hd_created = FALSE; } else { rec->encryption_key_length = 0; rec->encryption_key = NULL; } + g_free(rec->authentication_key); if (rec->authentication_key_string) { rec->authentication_key_length = compute_ascii_key(&rec->authentication_key, rec->authentication_key_string); } @@ -347,8 +353,11 @@ static void* uat_esp_sa_record_copy_cb(void* n, const void* o, size_t siz _U_) { new_rec->spi = g_strdup(old_rec->spi); new_rec->encryption_algo = old_rec->encryption_algo; new_rec->encryption_key_string = g_strdup(old_rec->encryption_key_string); + new_rec->encryption_key = NULL; + new_rec->cipher_hd_created = FALSE; new_rec->authentication_algo = old_rec->authentication_algo; new_rec->authentication_key_string = g_strdup(old_rec->authentication_key_string); + new_rec->authentication_key = NULL; /* Parse keys as in an update */ uat_esp_sa_record_update_cb(new_rec, NULL); @@ -416,10 +425,13 @@ void esp_sa_record_add_from_dissector(guint8 protocol, const gchar *srcIP, const /* Encryption */ record->encryption_algo = encryption_algo; record->encryption_key_string = g_strdup(encryption_key); + record->encryption_key = NULL; + record->cipher_hd_created = FALSE; /* Authentication */ record->authentication_algo = authentication_algo; record->authentication_key_string = g_strdup(authentication_key); + record->authentication_key = NULL; /* Parse keys */ uat_esp_sa_record_update_cb(record, NULL); |