[Spice-devel,5/8] channel: fix EVP_PKEY leak

Submitted by Christophe Fergeau on Aug. 17, 2011, 6:25 p.m.

Details

Message ID 1313580353-3086-6-git-send-email-cfergeau@redhat.com
State New, archived
Headers show

Not browsing as part of any series.

Commit Message

Christophe Fergeau Aug. 17, 2011, 6:25 p.m.
---
 client/red_channel.cpp |   10 +++++++---
 1 files changed, 7 insertions(+), 3 deletions(-)

Patch hide | download patch | download mbox

diff --git a/client/red_channel.cpp b/client/red_channel.cpp
index f4cdf52..fafb2e1 100644
--- a/client/red_channel.cpp
+++ b/client/red_channel.cpp
@@ -68,10 +68,7 @@  void RedChannelBase::link(uint32_t connection_id, const std::string& password,
     uint32_t link_res;
     uint32_t i;
 
-    EVP_PKEY *pubkey;
-    int nRSASize;
     BIO *bioKey;
-    RSA *rsa;
     uint8_t *buffer, *p;
     uint32_t expected_major;
 
@@ -168,6 +165,10 @@  void RedChannelBase::link(uint32_t connection_id, const std::string& password,
 
     bioKey = BIO_new(BIO_s_mem());
     if (bioKey != NULL) {
+        EVP_PKEY *pubkey;
+        int nRSASize;
+        RSA *rsa;
+
         BIO_write(bioKey, reply->pub_key, SPICE_TICKET_PUBKEY_BYTES);
         pubkey = d2i_PUBKEY_bio(bioKey, NULL);
         rsa = pubkey->pkey.rsa;
@@ -183,10 +184,13 @@  void RedChannelBase::link(uint32_t connection_id, const std::string& password,
                                rsa, RSA_PKCS1_OAEP_PADDING) > 0) {
             send((uint8_t*)bufEncrypted.get(), nRSASize);
         } else {
+            EVP_PKEY_free(pubkey);
+            BIO_free(bioKey);
             THROW("could not encrypt password");
         }
 
         memset(bufEncrypted.get(), 0, nRSASize);
+        EVP_PKEY_free(pubkey);
     } else {
         THROW("Could not initiate BIO");
     }