[Openvpn-devel] Use RSA_meth_free instead of free

Message ID 1515884446-27152-1-git-send-email-selva.nair@gmail.com
State Accepted
Headers show
Series
  • [Openvpn-devel] Use RSA_meth_free instead of free
Related show

Commit Message

Selva Nair Jan. 13, 2018, 11 p.m.
From: Selva Nair <selva.nair@gmail.com>

- RSA_meth_new allocates memory for the name string
  and must be released using RSA_meth_free

Signed-off-by: Selva Nair <selva.nair@gmail.com>
---
 src/openvpn/ssl_openssl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Emmanuel Deloget Jan. 14, 2018, 2:52 a.m. | #1
Hello,

On Sun, Jan 14, 2018 at 12:00 AM, <selva.nair@gmail.com> wrote:

> From: Selva Nair <selva.nair@gmail.com>
>
> - RSA_meth_new allocates memory for the name string
>   and must be released using RSA_meth_free
>
> Signed-off-by: Selva Nair <selva.nair@gmail.com>
> ---
>  src/openvpn/ssl_openssl.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
> index 34c31b9..d6d9acf 100644
> --- a/src/openvpn/ssl_openssl.c
> +++ b/src/openvpn/ssl_openssl.c
> @@ -1144,7 +1144,7 @@ err:
>      {
>          if (rsa_meth)
>          {
> -            free(rsa_meth);
> +            RSA_meth_free(rsa_meth);
>          }
>      }
>      crypto_msg(M_FATAL, "Cannot enable SSL external private key
> capability");
> --
> 2.1.4
>
>
​Good catch.

For what it's worth:

Acked-by: Emmanuel Deloget <logout@free.fr>​

​BR,

-- Emmanuel Deloget​
<div dir="ltr"><div class="gmail_default" style="font-family:monospace,monospace">Hello, </div><div class="gmail_extra"><br><div class="gmail_quote">On Sun, Jan 14, 2018 at 12:00 AM,  <span dir="ltr">&lt;<a href="mailto:selva.nair@gmail.com" target="_blank">selva.nair@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">From: Selva Nair &lt;<a href="mailto:selva.nair@gmail.com">selva.nair@gmail.com</a>&gt;<br>
<br>
- RSA_meth_new allocates memory for the name string<br>
  and must be released using RSA_meth_free<br>
<br>
Signed-off-by: Selva Nair &lt;<a href="mailto:selva.nair@gmail.com">selva.nair@gmail.com</a>&gt;<br>
---<br>
 src/openvpn/ssl_openssl.c | 2 +-<br>
 1 file changed, 1 insertion(+), 1 deletion(-)<br>
<br>
diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c<br>
index 34c31b9..d6d9acf 100644<br>
--- a/src/openvpn/ssl_openssl.c<br>
+++ b/src/openvpn/ssl_openssl.c<br>
@@ -1144,7 +1144,7 @@ err:<br>
     {<br>
         if (rsa_meth)<br>
         {<br>
-            free(rsa_meth);<br>
+            RSA_meth_free(rsa_meth);<br>
         }<br>
     }<br>
     crypto_msg(M_FATAL, &quot;Cannot enable SSL external private key capability&quot;);<br>
<span class="HOEnZb"><font color="#888888">--<br>
2.1.4<br>
<br></font></span></blockquote><div><br></div><div><div class="gmail_default" style="font-family:monospace,monospace">​Good catch. </div><div class="gmail_default" style="font-family:monospace,monospace"><br></div><div class="gmail_default" style="font-family:monospace,monospace">For what it&#39;s worth: </div><div class="gmail_default" style="font-family:monospace,monospace"><br></div><div class="gmail_default" style="font-family:monospace,monospace">Acked-by: Emmanuel Deloget &lt;<a href="mailto:logout@free.fr">logout@free.fr</a>&gt;​</div></div></div><br></div><div class="gmail_extra"><div class="gmail_default" style="font-family:monospace,monospace">​BR, </div><div class="gmail_default" style="font-family:monospace,monospace"><br></div><div class="gmail_default" style="font-family:monospace,monospace">-- Emmanuel Deloget​</div><br></div></div>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Steffan Karger Jan. 14, 2018, 9:53 a.m. | #2
Hi,

On 14-01-18 00:00, selva.nair@gmail.com wrote:
> From: Selva Nair <selva.nair@gmail.com>
> 
> - RSA_meth_new allocates memory for the name string
>   and must be released using RSA_meth_free
> 
> Signed-off-by: Selva Nair <selva.nair@gmail.com>
> ---
>  src/openvpn/ssl_openssl.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
> index 34c31b9..d6d9acf 100644
> --- a/src/openvpn/ssl_openssl.c
> +++ b/src/openvpn/ssl_openssl.c
> @@ -1144,7 +1144,7 @@ err:
>      {
>          if (rsa_meth)
>          {
> -            free(rsa_meth);
> +            RSA_meth_free(rsa_meth);
>          }
>      }
>      crypto_msg(M_FATAL, "Cannot enable SSL external private key capability");
> 

Good find, seems we missed that in the transition to OpenSSL 1.1.

(I see we have the same pattern in cryptapi.c, but you fix that as part
of your cryptoapi.c patches.)

Acked-by: Steffan Karger <steffan@karger.me>

-Steffan

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Gert Doering Jan. 14, 2018, 6:09 p.m. | #3
Your patch has been applied to the master and release/2.4 branch.

commit 508741c1cf99b8a24205601800fa5056c6d0192b (master)
commit 73bb2a7d32069343b8bfd211bd5783482c8a490d (release/2.4)
Author: Selva Nair
Date:   Sat Jan 13 18:00:46 2018 -0500

     Use RSA_meth_free instead of free

     Signed-off-by: Selva Nair <selva.nair@gmail.com>
     Acked-by: Emmanuel Deloget <logout@free.fr>
     Acked-by: Steffan Karger <steffan.karger@fox-it.com>
     Message-Id: <1515884446-27152-1-git-send-email-selva.nair@gmail.com>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg16207.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot

Patch

diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
index 34c31b9..d6d9acf 100644
--- a/src/openvpn/ssl_openssl.c
+++ b/src/openvpn/ssl_openssl.c
@@ -1144,7 +1144,7 @@  err:
     {
         if (rsa_meth)
         {
-            free(rsa_meth);
+            RSA_meth_free(rsa_meth);
         }
     }
     crypto_msg(M_FATAL, "Cannot enable SSL external private key capability");