projects / claws.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8c3760e)
Fixed a memory leak in GnuTLS password decryption.
authorAndrej Kacian <ticho@claws-mail.org>
Sun, 9 Jul 2017 21:49:03 +0000 (23:49 +0200)
committerAndrej Kacian <ticho@claws-mail.org>
Sun, 9 Jul 2017 21:49:03 +0000 (23:49 +0200)
src/password.c patch | blob | history

diff --git a/src/password.c b/src/password.c
index 08da4880f72cb17bedba83bed55d5252f584c179..6ff90e0ab35ade829390c296a16b63365175961c 100644 (file)
--- a/src/password.c
+++ b/src/password.c
@@ -471,6 +471,14 @@ gchar *password_decrypt_gnutls(const gchar *password,
        /* Prepare encrypted password string for decryption. */
        tmp = g_base64_decode(tokens[2], &len);
        g_strfreev(tokens);
        /* Prepare encrypted password string for decryption. */
        tmp = g_base64_decode(tokens[2], &len);
        g_strfreev(tokens);
+       if (tmp == NULL || len == 0) {
+               debug_print("Failed base64-decoding of stored password string\n");
+               g_free(key.data);
+               g_free(iv.data);
+               if (tmp != NULL)
+                       g_free(tmp);
+               return NULL;
+       }
 
        /* Initialize the decryption */
        ret = gnutls_cipher_init(&handle, algo, &key, &iv);
 
        /* Initialize the decryption */
        ret = gnutls_cipher_init(&handle, algo, &key, &iv);
@@ -478,6 +486,7 @@ gchar *password_decrypt_gnutls(const gchar *password,
                debug_print("Cipher init failed: %s\n", gnutls_strerror(ret));
                g_free(key.data);
                g_free(iv.data);
                debug_print("Cipher init failed: %s\n", gnutls_strerror(ret));
                g_free(key.data);
                g_free(iv.data);
+               g_free(tmp);
                return NULL;
        }
 
                return NULL;
        }
 
@@ -485,6 +494,7 @@ gchar *password_decrypt_gnutls(const gchar *password,
        memset(buf, 0, len + blocklen);
        ret = gnutls_cipher_decrypt2(handle, tmp, len,
                        buf, len + blocklen);
        memset(buf, 0, len + blocklen);
        ret = gnutls_cipher_decrypt2(handle, tmp, len,
                        buf, len + blocklen);
+       g_free(tmp);
        if (ret < 0) {
                debug_print("Decryption failed: %s\n", gnutls_strerror(ret));
                g_free(key.data);
        if (ret < 0) {
                debug_print("Decryption failed: %s\n", gnutls_strerror(ret));
                g_free(key.data);
Claws Mail