From 0072d2a9fce4835ab2b9ee70aaca0169fb25fa0c Mon Sep 17 00:00:00 2001 From: Li Qiang Date: Tue, 3 Jan 2017 20:31:34 -0800 Subject: [PATCH 1/2] crypto: fix leak in ivgen essiv init On error path, the 'salt' doesn't been freed thus leading a memory leak. This patch avoid this. Signed-off-by: Li Qiang Signed-off-by: Daniel P. Berrange --- crypto/ivgen-essiv.c | 1 + 1 file changed, 1 insertion(+) diff --git a/crypto/ivgen-essiv.c b/crypto/ivgen-essiv.c index 634de63338..cba20bde6c 100644 --- a/crypto/ivgen-essiv.c +++ b/crypto/ivgen-essiv.c @@ -48,6 +48,7 @@ static int qcrypto_ivgen_essiv_init(QCryptoIVGen *ivgen, &salt, &nhash, errp) < 0) { g_free(essiv); + g_free(salt); return -1; } From 32c813e6c2a857b93b897901b7e20281397528a3 Mon Sep 17 00:00:00 2001 From: Prasad J Pandit Date: Mon, 20 Feb 2017 16:53:07 +0530 Subject: [PATCH 2/2] crypto: assert cipher algorithm is always valid Crypto routines 'qcrypto_cipher_get_block_len' and 'qcrypto_cipher_get_key_len' return non-zero cipher block and key lengths from static arrays 'alg_block_len[]' and 'alg_key_len[]' respectively. Returning 'zero(0)' value from either of them would likely lead to an error condition. Signed-off-by: Prasad J Pandit Signed-off-by: Daniel P. Berrange --- crypto/cipher.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/crypto/cipher.c b/crypto/cipher.c index 9ecaff702b..5a9648942f 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -63,18 +63,14 @@ static bool mode_need_iv[QCRYPTO_CIPHER_MODE__MAX] = { size_t qcrypto_cipher_get_block_len(QCryptoCipherAlgorithm alg) { - if (alg >= G_N_ELEMENTS(alg_key_len)) { - return 0; - } + assert(alg < G_N_ELEMENTS(alg_key_len)); return alg_block_len[alg]; } size_t qcrypto_cipher_get_key_len(QCryptoCipherAlgorithm alg) { - if (alg >= G_N_ELEMENTS(alg_key_len)) { - return 0; - } + assert(alg < G_N_ELEMENTS(alg_key_len)); return alg_key_len[alg]; }