Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
9 个月 前同步成功

通知 8
Star 18
Fork 1
T
Third Party Openssl

前往新版Gitcode,体验更适合开发者的 AI 搜索 >>

提交 a873356c 编写于 作者: B Bodo Möller
浏览文件
操作

Use CRYPTO_push_info to find a memory leak in pkcs12.c.

上级 eb952088
隐藏空白更改
内联 并排
Showing with 57 addition and 8 deletion
CHANGES
浏览文件 @ a873356c
...@@ -436,8 +436,11 @@ ...@@ -436,8 +436,11 @@
*) Add the possibility to add extra information to the memory leak *) Add the possibility to add extra information to the memory leak
detecting output, to form tracebacks, showing from where each detecting output, to form tracebacks, showing from where each
allocation was originated. Also updated sid code to be multi- allocation was originated: CRYPTO_push_info("constant string") adds
thread-safe. the string plus current file name and line number to a per-thread
stack, CRYPTO_pop_info() does the obvious, CRYPTO_remove_all_info()
is like calling CYRPTO_pop_info() until the stack is empty.
Also updated memory leak detection code to be multi-thread-safe.
[Richard Levitte] [Richard Levitte]
*) Add options -text and -noout to pkcs7 utility and delete the *) Add options -text and -noout to pkcs7 utility and delete the
...@@ -473,11 +476,11 @@ ...@@ -473,11 +476,11 @@
for all purposes. for all purposes.
[Steve Henson] [Steve Henson]
*) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD). The *) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD).
problem was that one of the replacement routines had not been working since The problem was that one of the replacement routines had not been working
SSLeay releases. For now the offending routine has been replaced with since SSLeay releases. For now the offending routine has been replaced
non-optimised assembler. Even so, this now gives around 95% performance with non-optimised assembler. Even so, this now gives around 95%
improvement for 1024 bit RSA signs. performance improvement for 1024 bit RSA signs.
[Mark Cox] [Mark Cox]
*) Hack to fix PKCS#7 decryption when used with some unorthodox RC2 *) Hack to fix PKCS#7 decryption when used with some unorthodox RC2
......
apps/pkcs12.c
浏览文件 @ a873356c
...@@ -61,6 +61,7 @@ ...@@ -61,6 +61,7 @@
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <openssl/crypto.h>
#include <openssl/des.h> #include <openssl/des.h>
#include <openssl/pem.h> #include <openssl/pem.h>
#include <openssl/err.h> #include <openssl/err.h>
...@@ -264,6 +265,10 @@ int MAIN(int argc, char **argv) ...@@ -264,6 +265,10 @@ int MAIN(int argc, char **argv)
ERR_load_crypto_strings(); ERR_load_crypto_strings();
#ifdef CRYPTO_MDEBUG
CRYPTO_push_info("read files");
#endif
if (!infile) in = BIO_new_fp(stdin, BIO_NOCLOSE); if (!infile) in = BIO_new_fp(stdin, BIO_NOCLOSE);
else in = BIO_new_file(infile, "rb"); else in = BIO_new_file(infile, "rb");
if (!in) { if (!in) {
...@@ -289,6 +294,11 @@ int MAIN(int argc, char **argv) ...@@ -289,6 +294,11 @@ int MAIN(int argc, char **argv)
} }
} }
#ifdef CRYPTO_MDEBUG
CRYPTO_pop_info();
CRYPTO_push_info("write files");
#endif
if (!outfile) out = BIO_new_fp(stdout, BIO_NOCLOSE); if (!outfile) out = BIO_new_fp(stdout, BIO_NOCLOSE);
else out = BIO_new_file(outfile, "wb"); else out = BIO_new_file(outfile, "wb");
if (!out) { if (!out) {
...@@ -298,11 +308,17 @@ int MAIN(int argc, char **argv) ...@@ -298,11 +308,17 @@ int MAIN(int argc, char **argv)
goto end; goto end;
} }
if (twopass) { if (twopass) {
#ifdef CRYPTO_MDEBUG
CRYPTO_push_info("read MAC password");
#endif
if(EVP_read_pw_string (macpass, 50, "Enter MAC Password:", export_cert)) if(EVP_read_pw_string (macpass, 50, "Enter MAC Password:", export_cert))
{ {
BIO_printf (bio_err, "Can't read Password\n"); BIO_printf (bio_err, "Can't read Password\n");
goto end; goto end;
} }
#ifdef CRYPTO_MDEBUG
CRYPTO_pop_info();
#endif
} }
if (export_cert) { if (export_cert) {
...@@ -317,6 +333,10 @@ int MAIN(int argc, char **argv) ...@@ -317,6 +333,10 @@ int MAIN(int argc, char **argv)
int i; int i;
unsigned char keyid[EVP_MAX_MD_SIZE]; unsigned char keyid[EVP_MAX_MD_SIZE];
unsigned int keyidlen = 0; unsigned int keyidlen = 0;
#ifdef CRYPTO_MDEBUG
CRYPTO_push_info("process -export_cert");
#endif
key = PEM_read_bio_PrivateKey(inkey ? inkey : in, NULL, NULL, NULL); key = PEM_read_bio_PrivateKey(inkey ? inkey : in, NULL, NULL, NULL);
if (!inkey) (void) BIO_reset(in); if (!inkey) (void) BIO_reset(in);
else BIO_free(inkey); else BIO_free(inkey);
...@@ -440,6 +460,10 @@ int MAIN(int argc, char **argv) ...@@ -440,6 +460,10 @@ int MAIN(int argc, char **argv)
PKCS12_free(p12); PKCS12_free(p12);
ret = 0; ret = 0;
#ifdef CRYPTO_MDEBUG
CRYPTO_pop_info();
#endif
goto end; goto end;
} }
...@@ -449,30 +473,52 @@ int MAIN(int argc, char **argv) ...@@ -449,30 +473,52 @@ int MAIN(int argc, char **argv)
goto end; goto end;
} }
#ifdef CRYPTO_MDEBUG
CRYPTO_push_info("read import password");
#endif
if(!noprompt && EVP_read_pw_string(pass, 50, "Enter Import Password:", 0)) { if(!noprompt && EVP_read_pw_string(pass, 50, "Enter Import Password:", 0)) {
BIO_printf (bio_err, "Can't read Password\n"); BIO_printf (bio_err, "Can't read Password\n");
goto end; goto end;
} }
#ifdef CRYPTO_MDEBUG
CRYPTO_pop_info();
#endif
if (!twopass) strcpy(macpass, pass); if (!twopass) strcpy(macpass, pass);
if (options & INFO) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1); if (options & INFO) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1);
if(macver) { if(macver) {
#ifdef CRYPTO_MDEBUG
CRYPTO_push_info("verify MAC");
#endif
if (!PKCS12_verify_mac (p12, mpass, -1)) { if (!PKCS12_verify_mac (p12, mpass, -1)) {
BIO_printf (bio_err, "Mac verify errror: invalid password?\n"); BIO_printf (bio_err, "Mac verify errror: invalid password?\n");
ERR_print_errors (bio_err); ERR_print_errors (bio_err);
goto end; goto end;
} else BIO_printf (bio_err, "MAC verified OK\n"); } else BIO_printf (bio_err, "MAC verified OK\n");
#ifdef CRYPTO_MDEBUG
CRYPTO_pop_info();
#endif
} }
#ifdef CRYPTO_MDEBUG
CRYPTO_push_info("output keys and certificates");
#endif
if (!dump_certs_keys_p12 (out, p12, cpass, -1, options)) { if (!dump_certs_keys_p12 (out, p12, cpass, -1, options)) {
BIO_printf(bio_err, "Error outputting keys and certificates\n"); BIO_printf(bio_err, "Error outputting keys and certificates\n");
ERR_print_errors (bio_err); ERR_print_errors (bio_err);
goto end; goto end;
} }
#ifdef CRYPTO_MDEBUG
CRYPTO_pop_info();
#endif
PKCS12_free(p12); PKCS12_free(p12);
ret = 0; ret = 0;
end: end:
#ifdef CRYPTO_MDEBUG
CRYPTO_remove_all_info();
#endif
BIO_free(in);
BIO_free(out); BIO_free(out);
EXIT(ret); EXIT(ret);
} }
...@@ -599,7 +645,7 @@ int get_cert_chain (X509 *cert, STACK_OF(X509) **chain) ...@@ -599,7 +645,7 @@ int get_cert_chain (X509 *cert, STACK_OF(X509) **chain)
X509_STORE_CTX store_ctx; X509_STORE_CTX store_ctx;
STACK_OF(X509) *chn; STACK_OF(X509) *chn;
int i; int i;
X509 *x;
store = X509_STORE_new (); store = X509_STORE_new ();
X509_STORE_set_default_paths (store); X509_STORE_set_default_paths (store);
X509_STORE_CTX_init(&store_ctx, store, cert, NULL); X509_STORE_CTX_init(&store_ctx, store, cert, NULL);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册