From f2df9b68ecd04d77393dc7c70946b1441c73633c Mon Sep 17 00:00:00 2001 From: K1 Date: Wed, 19 Jun 2024 22:58:52 +0800 Subject: [PATCH] Fix coverity issues, resource leaks CID: 488393, 471339, 471290, 471289, 471287, 471282, 471281, 471279, 471246, 471237, 471221, 471204, 471196, 471180, 471171, 471169, 471162, 278385, 21756. --- apps/speed.c | 1 + crypto/ec/ec_elgamal_crypt.c | 2 +- crypto/ec/ec_lib.c | 18 ++++++++---------- crypto/zkp/bulletproofs/bulletproofs_encode.c | 4 +++- crypto/zkp/gadget/zkp_range_proof.c | 1 + crypto/zkp/nizk/nizk_encode.c | 2 +- test/bntest.c | 1 + test/bulletproofs_test.c | 2 ++ test/nizk_test.c | 4 ++++ test/paillier_internal_test.c | 2 ++ test/pkcs12_format_test.c | 1 + test/zkp_gadget_test.c | 3 --- 12 files changed, 25 insertions(+), 16 deletions(-) diff --git a/apps/speed.c b/apps/speed.c index 1df5ce69d..e6aaa466c 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -5357,6 +5357,7 @@ static int do_multi(int multi, int size_num) close(1); if (dup(fd[1]) == -1) { BIO_printf(bio_err, "dup failed\n"); + close(fd[1]); exit(1); } close(fd[1]); diff --git a/crypto/ec/ec_elgamal_crypt.c b/crypto/ec/ec_elgamal_crypt.c index a6fe59749..6661e8bff 100644 --- a/crypto/ec/ec_elgamal_crypt.c +++ b/crypto/ec/ec_elgamal_crypt.c @@ -199,7 +199,7 @@ EC_ELGAMAL_MR_CTX *EC_ELGAMAL_MR_CTX_new(STACK_OF(EC_KEY) *keys, const EC_POINT if (h != NULL) { if (!(ctx->h = EC_POINT_dup(h, ctx->group))) - return 0; + goto err; } else { ctx->h = EC_POINT_new(group); if (ctx->h == NULL) { diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index e92f582db..c5c3de0f2 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -1544,13 +1544,13 @@ int EC_POINTs_from_strings(const EC_GROUP *group, EC_POINTS **r, { int ret = 0; BN_CTX *new_ctx = NULL; - EC_POINTS *result = NULL; + EC_POINTS *result = NULL, *new_r = NULL; if (r == NULL || strings == NULL || num <= 0) return 0; if (*r == NULL) { - result = EC_POINTS_new(group, (uint32_t)num); + new_r = result = EC_POINTS_new(group, (uint32_t)num); if (result == NULL) return 0; } else { @@ -1574,14 +1574,13 @@ int EC_POINTs_from_strings(const EC_GROUP *group, EC_POINTS **r, } #endif - result = NULL; - /* * TODO */ err: BN_CTX_free(new_ctx); - EC_POINTS_free(result); + if (new_r != NULL && *r != new_r) + EC_POINTS_free(new_r); return ret; } @@ -1600,13 +1599,13 @@ int EC_POINTs_from_strings_scalar_mul(const EC_GROUP *group, EC_POINTS **r, { int ret = 0; BN_CTX *new_ctx = NULL; - EC_POINTS *result = NULL; + EC_POINTS *result, *new_r = NULL; if (r == NULL || strings == NULL || num <= 0) return 0; if (*r == NULL) { - result = EC_POINTS_new(group, (uint32_t)num); + new_r = result = EC_POINTS_new(group, (uint32_t)num); if (result == NULL) return 0; } else { @@ -1632,14 +1631,13 @@ int EC_POINTs_from_strings_scalar_mul(const EC_GROUP *group, EC_POINTS **r, } #endif - result = NULL; - /* * TODO */ err: BN_CTX_free(new_ctx); - EC_POINTS_free(result); + if (new_r != NULL && *r != new_r) + EC_POINTS_free(new_r); return ret; } diff --git a/crypto/zkp/bulletproofs/bulletproofs_encode.c b/crypto/zkp/bulletproofs/bulletproofs_encode.c index 94556c266..a208ef26a 100644 --- a/crypto/zkp/bulletproofs/bulletproofs_encode.c +++ b/crypto/zkp/bulletproofs/bulletproofs_encode.c @@ -184,8 +184,10 @@ static int bp_inner_product_proof_encode(bp_inner_product_proof_t *ip_proof, len += sk_len; - if (out == NULL) + if (out == NULL) { + sk_BIGNUM_free(sk_bn); return len; + } sk_len = zkp_stack_of_bignum_encode(sk_bn, p, bn_len); if (sk_len == 0) diff --git a/crypto/zkp/gadget/zkp_range_proof.c b/crypto/zkp/gadget/zkp_range_proof.c index 5a3235086..24287bf9d 100644 --- a/crypto/zkp/gadget/zkp_range_proof.c +++ b/crypto/zkp/gadget/zkp_range_proof.c @@ -410,6 +410,7 @@ void ZKP_RANGE_PROOF_free(ZKP_RANGE_PROOF *proof) NIZK_PLAINTEXT_KNOWLEDGE_PROOF_free(proof->ptke_proof); BP_RANGE_PROOF_free(proof->bp_proof); + OPENSS_free(proof); } ZKP_RANGE_PROOF *ZKP_RANGE_PROOF_prove(ZKP_RANGE_CTX *ctx, int left_bound_bits, diff --git a/crypto/zkp/nizk/nizk_encode.c b/crypto/zkp/nizk/nizk_encode.c index 4305d44ca..d6ec1ba17 100644 --- a/crypto/zkp/nizk/nizk_encode.c +++ b/crypto/zkp/nizk/nizk_encode.c @@ -296,7 +296,7 @@ NIZK_WITNESS *NIZK_WITNESS_decode(const unsigned char *in, size_t size, int flag if (flag == 1) { if (size < (sizeof(int) + bn_len * 3)) { ERR_raise(ERR_LIB_ZKP_NIZK, ERR_R_PASSED_INVALID_ARGUMENT); - return NULL; + goto err; } witness->v = zkp_bignum_decode(p, NULL, bn_len); diff --git a/test/bntest.c b/test/bntest.c index c5894c157..2ad00d65a 100644 --- a/test/bntest.c +++ b/test/bntest.c @@ -101,6 +101,7 @@ static BIGNUM *getBN(STANZA *s, const char *attribute) if (parseBN(&ret, hex) != (int)strlen(hex)) { TEST_error("Could not decode '%s'", hex); + BN_free(ret); return NULL; } return ret; diff --git a/test/bulletproofs_test.c b/test/bulletproofs_test.c index e54791188..84de4c480 100644 --- a/test/bulletproofs_test.c +++ b/test/bulletproofs_test.c @@ -1134,9 +1134,11 @@ static BP_R1CS_PROOF *r1cs_range_prove(BP_R1CS_CTX *ctx, BP_WITNESS *witness, if (!(proof = BP_R1CS_PROOF_prove(ctx))) goto err; + BN_free(v); return proof; err: + BN_free(v); BP_R1CS_LINEAR_COMBINATION_free(lc); BP_R1CS_PROOF_free(proof); return NULL; diff --git a/test/nizk_test.c b/test/nizk_test.c index 64d0da58d..2bf4ce31c 100644 --- a/test/nizk_test.c +++ b/test/nizk_test.c @@ -93,6 +93,8 @@ static int nizk_plaintext_knowledge_test(int plaintext) ret = 1; err: + EC_ELGAMAL_CIPHERTEXT_free(enc_ct); + EC_ELGAMAL_CTX_free(enc_ctx); NIZK_PLAINTEXT_KNOWLEDGE_PROOF_free(proof); NIZK_PLAINTEXT_KNOWLEDGE_CTX_free(ctx); NIZK_WITNESS_free(witness); @@ -176,6 +178,8 @@ static int nizk_plaintext_equality_test(int plaintext) ret = 1; err: + EC_ELGAMAL_MR_CTX_free(enc_ctx); + EC_ELGAMAL_MR_CIPHERTEXT_free(enc_ct); NIZK_PLAINTEXT_EQUALITY_PROOF_free(proof); NIZK_PLAINTEXT_EQUALITY_CTX_free(ctx); NIZK_WITNESS_free(witness); diff --git a/test/paillier_internal_test.c b/test/paillier_internal_test.c index e099f53ce..33f2389b6 100644 --- a/test/paillier_internal_test.c +++ b/test/paillier_internal_test.c @@ -189,6 +189,7 @@ static size_t paillier_add_plain(PAILLIER_CTX *ctx, unsigned char **out, ret = size; err: + OPENSSL_free(buf); PAILLIER_CIPHERTEXT_free(c); PAILLIER_CIPHERTEXT_free(r); return ret; @@ -270,6 +271,7 @@ static size_t paillier_mul(PAILLIER_CTX *ctx, unsigned char **out, ret = size; err: + OPENSSL_free(buf); PAILLIER_CIPHERTEXT_free(c); PAILLIER_CIPHERTEXT_free(r); return ret; diff --git a/test/pkcs12_format_test.c b/test/pkcs12_format_test.c index 258a78d80..77e3f2c17 100644 --- a/test/pkcs12_format_test.c +++ b/test/pkcs12_format_test.c @@ -776,6 +776,7 @@ static int test_set0_attrs(void) return end_pkcs12_builder(pb); err: + (void)end_pkcs12_builder(pb); return 0; } diff --git a/test/zkp_gadget_test.c b/test/zkp_gadget_test.c index 8d85ce941..c7b127d76 100644 --- a/test/zkp_gadget_test.c +++ b/test/zkp_gadget_test.c @@ -37,9 +37,6 @@ static int zkp_poly3_eval_test(void) BN_CTX *bn_ctx = NULL; STACK_OF(BIGNUM) *sk_eval = NULL; - if (!(sk_eval = sk_BIGNUM_new_reserve(NULL, n))) - goto err; - bn_ctx = BN_CTX_new(); if (bn_ctx == NULL) goto err;