Set keyAllocated=1 when initializing any key#1038
Conversation
| wc_FreeDhKey(&hs->privKey.dh); | ||
| } | ||
| #endif | ||
| #ifndef WOLFSSH_NO_ECDH |
There was a problem hiding this comment.
There's a bug in SendKexDhInit() that should be fixed with this PR. When KEX is ID_CURVE25519_MLKEM768_SHA256, useEccMlKem and useCurve25519MlKem are set. This will cause a double free of hs->privKey, once as each of ECC and Curve25519.
There was a problem hiding this comment.
This was fine here. The bug is in SendKexDhInit(). The case where ID_CURVE25519_MLKEM768_SHA256 is handled, both useCurve25519MlKem (correct) and useEccMlKem (incorrect) are getting set true.
| WFREE(hs->primeGroup, heap, DYNTYPE_MPINT); | ||
| WFREE(hs->generator, heap, DYNTYPE_MPINT); | ||
| #endif | ||
| #ifndef WOLFSSH_NO_DH |
There was a problem hiding this comment.
This #ifndef WOLFSSH_NO_DH is adjacent to another one.
padelsbach
force-pushed
the
keyallocated-flag
branch
from
00125b0 to
4301898
Compare
There was a problem hiding this comment.
Please remove this file from the PR.
| wc_FreeDhKey(&hs->privKey.dh); | ||
| } | ||
| #endif | ||
| #ifndef WOLFSSH_NO_ECDH |
There was a problem hiding this comment.
This was fine here. The bug is in SendKexDhInit(). The case where ID_CURVE25519_MLKEM768_SHA256 is handled, both useCurve25519MlKem (correct) and useEccMlKem (incorrect) are getting set true.
padelsbach
force-pushed
the
keyallocated-flag
branch
from
4301898 to
d5e96c1
Compare
padelsbach
force-pushed
the
keyallocated-flag
branch
from
d5e96c1 to
dae7454
Compare
2 participants
Fixes a possible memory leak if parsing fails. Only a problem with
--enable-heapmathsince normal spmath does not allocate buffers for the key.Added unit tests and heapmath variant to CI.
Also, adding heapmath+asan uncovered a second unrelated leak when freeing the KEX key. Fix included as a second commit.