diff options
| author | Kaz Kylheku <kaz@kylheku.com> | 2014-06-28 07:32:01 -0700 |
|---|---|---|
| committer | Kaz Kylheku <kaz@kylheku.com> | 2014-06-28 07:32:01 -0700 |
| commit | 4e927689cb21336212f1aea7cb61433d5372b87a (patch) | |
| tree | b1c6d2888cf6ed1fc30bb581d594ed8c9211e008 /mpi-patches/add-bitops | |
| parent | 2434b4c54ba42c153a51ba96ee24573be297c4ee (diff) | |
| download | txr-4e927689cb21336212f1aea7cb61433d5372b87a.tar.gz txr-4e927689cb21336212f1aea7cb61433d5372b87a.tar.bz2 txr-4e927689cb21336212f1aea7cb61433d5372b87a.zip | |
* mpi-patches/add-bitops (mp_and, mp_or, mp_xor, mp_shift): Plug memory
leaks caused by wrongly initializing the temporary destination operand
for mp2_comp with a size, which mp2_comp then clobbers by doing the same
thing. Also plug memory leaks that happen in in out-of-memory return
case.
Diffstat (limited to 'mpi-patches/add-bitops')
| -rw-r--r-- | mpi-patches/add-bitops | 73 |
1 files changed, 35 insertions, 38 deletions
diff --git a/mpi-patches/add-bitops b/mpi-patches/add-bitops index 64129b83..da2cfa3d 100644 --- a/mpi-patches/add-bitops +++ b/mpi-patches/add-bitops @@ -1,7 +1,7 @@ Index: mpi-1.8.6/mpi.c =================================================================== --- mpi-1.8.6.orig/mpi.c 2014-06-16 11:22:15.632802821 -0700 -+++ mpi-1.8.6/mpi.c 2014-06-26 14:09:52.178356697 -0700 ++++ mpi-1.8.6/mpi.c 2014-06-28 07:20:04.364811464 -0700 @@ -16,6 +16,9 @@ #include <ctype.h> #include <math.h> @@ -20,7 +20,7 @@ Index: mpi-1.8.6/mpi.c int s_highest_bit_mp(mp_int *a); mp_err s_mp_set_bit(mp_int *a, int bit); -@@ -2336,6 +2340,414 @@ +@@ -2336,6 +2340,411 @@ /* }}} */ @@ -63,7 +63,7 @@ Index: mpi-1.8.6/mpi.c + +mp_err mp_and(mp_int *a, mp_int *b, mp_int *c) +{ -+ mp_err res; ++ mp_err res = MP_OKAY; + mp_size ix, extent = 0; + mp_digit *pa, *pb, *pc; + mp_int tmp_a, tmp_b; @@ -75,20 +75,17 @@ Index: mpi-1.8.6/mpi.c + + if (ISNEG(a)) { + extent = USED(b); -+ mp_init_size(&tmp_a, extent); ++ mp_init(&tmp_a); + if ((res = mp_2comp(a, &tmp_a, extent)) != MP_OKAY) -+ return res; ++ goto out; + a = &tmp_a; + } + + if (ISNEG(b)) { + extent = USED(a); -+ mp_init_size(&tmp_b, extent); -+ if ((res = mp_2comp(b, &tmp_b, extent)) != MP_OKAY) { -+ if (ISNEG(a)) -+ mp_clear(&tmp_a); -+ return res; -+ } ++ mp_init(&tmp_b); ++ if ((res = mp_2comp(b, &tmp_b, extent)) != MP_OKAY) ++ goto out; + b = &tmp_b; + } + @@ -97,7 +94,7 @@ Index: mpi-1.8.6/mpi.c + + if (c != a && c != b) { + if ((res = mp_init_size(c, extent)) != MP_OKAY) -+ return res; ++ goto out; + } + + for (pa = DIGITS(a), pb = DIGITS(b), pc = DIGITS(c), ix = 0; @@ -115,13 +112,14 @@ Index: mpi-1.8.6/mpi.c + + s_mp_clamp(c); + ++out: + if (ISNEG(a)) + mp_clear(&tmp_a); + + if (ISNEG(b)) + mp_clear(&tmp_b); + -+ return MP_OKAY; ++ return res; +} + +mp_err mp_or(mp_int *a, mp_int *b, mp_int *c) @@ -139,19 +137,16 @@ Index: mpi-1.8.6/mpi.c + return mp_copy(a, c); + + if (ISNEG(a)) { -+ mp_init_size(&tmp_a, extent); ++ mp_init(&tmp_a); + if ((res = mp_2comp(a, &tmp_a, extent)) != MP_OKAY) -+ return res; ++ goto out; + a = &tmp_a; + } + + if (ISNEG(b)) { -+ mp_init_size(&tmp_b, extent); -+ if ((res = mp_2comp(b, &tmp_b, extent)) != MP_OKAY) { -+ if (ISNEG(a)) -+ mp_clear(&tmp_a); -+ return res; -+ } ++ mp_init(&tmp_b); ++ if ((res = mp_2comp(b, &tmp_b, extent)) != MP_OKAY) ++ goto out; + b = &tmp_b; + } + @@ -162,7 +157,7 @@ Index: mpi-1.8.6/mpi.c + res = s_mp_pad(c, extent); + + if (res != MP_OKAY) -+ return res; ++ goto out; + + for (pa = DIGITS(a), pb = DIGITS(b), pc = DIGITS(c), ix = 0; + ix < extent; ix++) @@ -179,13 +174,14 @@ Index: mpi-1.8.6/mpi.c + + s_mp_clamp(c); + ++out: + if (ISNEG(a)) + mp_clear(&tmp_a); + + if (ISNEG(b)) + mp_clear(&tmp_b); + -+ return MP_OKAY; ++ return res; +} + +mp_err mp_xor(mp_int *a, mp_int *b, mp_int *c) @@ -205,19 +201,16 @@ Index: mpi-1.8.6/mpi.c + extent = MAX(USED(a), USED(b)); + + if (ISNEG(a)) { -+ mp_init_size(&tmp_a, extent); ++ mp_init(&tmp_a); + if ((res = mp_2comp(a, &tmp_a, extent)) != MP_OKAY) -+ return res; ++ goto out; + a = &tmp_a; + } + + if (ISNEG(b)) { -+ mp_init_size(&tmp_b, extent); -+ if ((res = mp_2comp(b, &tmp_b, extent)) != MP_OKAY) { -+ if (ISNEG(a)) -+ mp_clear(&tmp_a); -+ return res; -+ } ++ mp_init(&tmp_b); ++ if ((res = mp_2comp(b, &tmp_b, extent)) != MP_OKAY) ++ goto out; + b = &tmp_b; + } + @@ -228,7 +221,7 @@ Index: mpi-1.8.6/mpi.c + res = s_mp_pad(c, extent); + + if (res != MP_OKAY) -+ return res; ++ goto out; + + for (pa = DIGITS(a), pb = DIGITS(b), pc = DIGITS(c), ix = 0; + ix < extent; ix++) @@ -245,13 +238,14 @@ Index: mpi-1.8.6/mpi.c + + s_mp_clamp(c); + ++out: + if (ISNEG(a)) + mp_clear(&tmp_a); + + if (ISNEG(b)) + mp_clear(&tmp_b); + -+ return MP_OKAY; ++ return res; +} + +mp_err mp_comp(mp_int *a, mp_int *b) @@ -272,7 +266,7 @@ Index: mpi-1.8.6/mpi.c + return res; + + if (ISNEG(a)) { -+ mp_init_size(&tmp, dig); ++ mp_init(&tmp); + if ((res = mp_2comp(a, &tmp, dig)) != MP_OKAY) + return res; + a = &tmp; @@ -316,7 +310,7 @@ Index: mpi-1.8.6/mpi.c + return res; + + if (ISNEG(a)) { -+ mp_init_size(&tmp, dig + extra); ++ mp_init(&tmp); + if ((res = mp_2comp(a, &tmp, dig + extra)) != MP_OKAY) + return res; + a = &tmp; @@ -360,7 +354,7 @@ Index: mpi-1.8.6/mpi.c + return res; + + if (ISNEG(a)) { -+ mp_init_size(&tmp, dig + extra); ++ mp_init(&tmp); + if ((res = mp_2comp(a, &tmp, dig + extra)) != MP_OKAY) + return res; + a = &tmp; @@ -394,7 +388,7 @@ Index: mpi-1.8.6/mpi.c + + if (a_neg) { + mp_size ua = USED(a); -+ mp_init_size(&tmp, ua); ++ mp_init(&tmp); + if ((res = mp_2comp(a, &tmp, ua)) != MP_OKAY) + return res; + SIGN(&tmp) = MP_ZPOS; @@ -406,8 +400,11 @@ Index: mpi-1.8.6/mpi.c + else + res = mp_div_2d(a, -bits, b, NULL); + -+ if (res != MP_OKAY) ++ if (res != MP_OKAY) { ++ if (a_neg) ++ mp_clear(&tmp); + return res; ++ } + + if (a_neg) { + int hb, msd; |