nhyatt/osslsigncode
1
0
Fork 0
mirror of https://github.com/mtrojnar/osslsigncode.git synced 2025-04-04 17:00:11 -05:00
Code Issues Projects Releases Wiki Activity

Fix memory leak in stream_handle(), CID 1519397, 1519388, 1519402, 1519403

Browse Source
This commit is contained in:
olszomal 2023-01-18 13:39:18 +01:00 committed by Michał Trojnara
parent 199a852c12
commit fade782e58
2 changed files with 19 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
msi.c
View File

@ -866,14 +866,19 @@ static uint32_t stream_read(MSI_FILE *msi, MSI_ENTRY *entry, u_char *p_msi, uint
u_char *p_msiex, uint32_t len_msiex, char **indata, uint32_t inlen, int is_root)
{
if (is_root && !memcmp(entry->name, digital_signature, sizeof digital_signature)) {
*indata = (char *)p_msi;
/* DigitalSignature */
inlen = len_msi;
*indata = OPENSSL_malloc((size_t)inlen);
memcpy(*indata, p_msi, (size_t)inlen);
} else if (is_root && !memcmp(entry->name, digital_signature_ex, sizeof digital_signature_ex)) {
*indata = (char *)p_msiex;
/* MsiDigitalSignatureEx */
inlen = len_msiex;
} else {
*indata = OPENSSL_malloc((size_t)inlen);
memcpy(*indata, p_msiex, (size_t)inlen);
} else if (inlen != 0) {
*indata = (char *)OPENSSL_malloc(inlen);
if (!msi_file_read(msi, entry, 0, *indata, inlen)) {
printf("Failed to read stream data\n");
OPENSSL_free(indata);
return 0; /* FAILED */
}
}
@ -901,12 +906,17 @@ static int stream_handle(MSI_FILE *msi, MSI_DIRENT *dirent, u_char *p_msi, uint3
return 0; /* FAILED */
}
} else { /* DIR_STREAM */
uint32_t inlen = GET_UINT32_LE(child->entry->size);
char *indata = (char *)OPENSSL_malloc(inlen);
char buf[MAX_SECTOR_SIZE];
char *indata;
uint32_t inlen = GET_UINT32_LE(child->entry->size);
if (inlen >= MAXREGSECT) {
printf("Corrupted stream length 0x%08X\n", inlen);
return 0; /* FAILED */
}
/* DigitalSignature or MsiDigitalSignatureEx: inlen == 0 */
inlen = stream_read(msi, child->entry, p_msi, len_msi, p_msiex, len_msiex, &indata, inlen, is_root);
if (inlen == 0) {
printf("Failed to read stream data\n");
continue;
}
/* set the size of the user-defined data if this is a stream object */

6
osslsigncode.c
View File

@ -4776,10 +4776,7 @@ static int append_signature(PKCS7 *sig, PKCS7 *cursig, file_type_t type,
BIO_write(outdata, p, *padlen);
}
} else if (type == FILE_TYPE_MSI) {
int len_msi = *len;
u_char *p_msi = OPENSSL_malloc((size_t)len_msi);
memcpy(p_msi, p, (size_t)len_msi);
if (!msi_file_write(msiparams->msi, msiparams->dirent, p_msi, (uint32_t)len_msi,
if (!msi_file_write(msiparams->msi, msiparams->dirent, p, (uint32_t)*len,
msiparams->p_msiex, (uint32_t)msiparams->len_msiex, outdata)) {
printf("Saving the msi file failed\n");
OPENSSL_free(p);
@ -5484,6 +5481,7 @@ static void free_msi_params(MSI_PARAMS *msiparams)
{
msi_file_free(msiparams->msi);
msi_dirent_free(msiparams->dirent);
OPENSSL_free(msiparams->p_msiex);
}
static void free_crypto_params(CRYPTO_PARAMS *cparams)