Merge pull request #576 from dongbeiouba/fix/leak

Fix some resource leak issues
Tongsuo-Project · Jan 26, 2024 · 8ad48a8 · 8ad48a8
2 parents 9af8c91 + 89c87cc
commit 8ad48a8
Show file tree

Hide file tree

Showing 8 changed files with 34 additions and 12 deletions.
diff --git a/crypto/ec/ec_elgamal_crypt.c b/crypto/ec/ec_elgamal_crypt.c
@@ -50,7 +50,7 @@ EC_ELGAMAL_CTX *EC_ELGAMAL_CTX_new(EC_KEY *key, const EC_POINT *h, int32_t flag)
 
         if (h != NULL) {
             if (!(ctx->h = EC_POINT_dup(h, key->group)))
-                return 0;
+                goto err;
         } else {
             ctx->h = EC_POINT_new(key->group);
             if (ctx->h == NULL) {

diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c
@@ -2148,8 +2148,10 @@ int ossl_ec_GFp_nistp521_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
     generator = EC_POINT_new(group);
     if (generator == NULL)
         goto err;
-    BN_bin2bn(nistp521_curve_params[3], sizeof(felem_bytearray), x);
-    BN_bin2bn(nistp521_curve_params[4], sizeof(felem_bytearray), y);
+    if (BN_bin2bn(nistp521_curve_params[3], sizeof(felem_bytearray), x) == NULL)
+        goto err;
+    if (BN_bin2bn(nistp521_curve_params[4], sizeof(felem_bytearray), y) == NULL)
+        goto err;
     if (!EC_POINT_set_affine_coordinates(group, generator, x, y, ctx))
         goto err;
     if ((pre = nistp521_pre_comp_new()) == NULL)

diff --git a/crypto/zkp/bulletproofs/bulletproofs_encode.c b/crypto/zkp/bulletproofs/bulletproofs_encode.c
@@ -662,12 +662,17 @@ size_t BP_RANGE_PROOF_encode(const BP_RANGE_PROOF *proof, unsigned char *out,
     }
 
     sk_point = sk_EC_POINT_new_reserve(NULL, 4);
-    sk_bn = sk_BIGNUM_new_reserve(NULL, 3);
-    if (sk_point == NULL || sk_bn == NULL) {
+    if (sk_point == NULL) {
         ERR_raise(ERR_LIB_ZKP_BP, ERR_R_MALLOC_FAILURE);
         return 0;
     }
 
+    sk_bn = sk_BIGNUM_new_reserve(NULL, 3);
+    if (sk_bn == NULL) {
+        ERR_raise(ERR_LIB_ZKP_BP, ERR_R_MALLOC_FAILURE);
+        goto end;
+    }
+
     ip_proof = proof->ip_proof;
 
     if ((curve_id = EC_POINT_get_curve_name(proof->A)) == NID_undef
@@ -894,12 +899,17 @@ size_t BP_R1CS_PROOF_encode(const BP_R1CS_PROOF *proof, unsigned char *out,
     }
 
     sk_point = sk_EC_POINT_new_reserve(NULL, 11);
-    sk_bn = sk_BIGNUM_new_reserve(NULL, 3);
-    if (sk_point == NULL || sk_bn == NULL) {
+    if (sk_point == NULL) {
         ERR_raise(ERR_LIB_ZKP_BP, ERR_R_MALLOC_FAILURE);
         return 0;
     }
 
+    sk_bn = sk_BIGNUM_new_reserve(NULL, 3);
+    if (sk_bn == NULL) {
+        ERR_raise(ERR_LIB_ZKP_BP, ERR_R_MALLOC_FAILURE);
+        goto end;
+    }
+
     ip_proof = proof->ip_proof;
 
     if ((curve_id = EC_POINT_get_curve_name(proof->AI1)) == NID_undef

diff --git a/crypto/zkp/bulletproofs/r1cs.c b/crypto/zkp/bulletproofs/r1cs.c
@@ -756,6 +756,11 @@ BP_R1CS_PROOF *BP_R1CS_PROOF_prove(BP_R1CS_CTX *ctx)
 err:
     ZKP_TRANSCRIPT_reset(transcript);
 
+    OPENSSL_free(wV);
+    OPENSSL_free(wO);
+    OPENSSL_free(wR);
+    OPENSSL_free(wL);
+
     bp_inner_product_ctx_free(ip_ctx);
     bp_inner_product_pub_param_free(ip_pp);
 

diff --git a/crypto/zkp/nizk/nizk_encode.c b/crypto/zkp/nizk/nizk_encode.c
@@ -684,7 +684,7 @@ NIZK_PLAINTEXT_EQUALITY_PROOF *NIZK_PLAINTEXT_EQUALITY_PROOF_decode(const unsign
     proof->B = sk_EC_POINT_pop(sk_point);
 
     sk_bn = zkp_stack_of_bignum_decode(p, &len, bn_len);
-    if (sk_point == NULL)
+    if (sk_bn == NULL)
         goto err;
     p += len;
 

diff --git a/crypto/zkp/nizk/nizk_plaintext_knowledge.c b/crypto/zkp/nizk/nizk_plaintext_knowledge.c
@@ -219,6 +219,7 @@ int NIZK_PLAINTEXT_KNOWLEDGE_PROOF_verify(NIZK_PLAINTEXT_KNOWLEDGE_CTX *ctx,
     if (bn_ctx == NULL)
         goto err;
 
+    BN_CTX_start(bn_ctx);
     e = BN_CTX_get(bn_ctx);
     bn_1 = BN_CTX_get(bn_ctx);
     bn1 = BN_CTX_get(bn_ctx);
@@ -284,5 +285,7 @@ int NIZK_PLAINTEXT_KNOWLEDGE_PROOF_verify(NIZK_PLAINTEXT_KNOWLEDGE_CTX *ctx,
     EC_POINT_free(R);
     zkp_poly_points_free(poly);
     ZKP_TRANSCRIPT_reset(transcript);
+    BN_CTX_end(bn_ctx);
+    BN_CTX_free(bn_ctx);
     return ret;
 }
diff --git a/test/bulletproofs_test.c b/test/bulletproofs_test.c
@@ -36,10 +36,10 @@ static int r1cs_example_logic1(BP_R1CS_CTX *ctx,
         return 0;
     }
 
-    if (!(a = BP_R1CS_LINEAR_COMBINATION_dup(lc->a1))
-        || !(b = BP_R1CS_LINEAR_COMBINATION_dup(lc->b1))
-        || !(c = BP_R1CS_LINEAR_COMBINATION_dup(lc->c1))) {
-        return 0;
+    if ((a = BP_R1CS_LINEAR_COMBINATION_dup(lc->a1)) == NULL
+        || (b = BP_R1CS_LINEAR_COMBINATION_dup(lc->b1)) == NULL
+        || (c = BP_R1CS_LINEAR_COMBINATION_dup(lc->c1)) == NULL) {
+        goto err;
     }
 
     if (!BP_R1CS_LINEAR_COMBINATION_add(a, lc->a2)

diff --git a/test/paillier_internal_test.c b/test/paillier_internal_test.c
@@ -150,6 +150,7 @@ static size_t paillier_add(PAILLIER_CTX *ctx, unsigned char **out,
     ret = size;
 
 err:
+    OPENSSL_free(buf);
     PAILLIER_CIPHERTEXT_free(c1);
     PAILLIER_CIPHERTEXT_free(c2);
     PAILLIER_CIPHERTEXT_free(r);
@@ -230,6 +231,7 @@ static size_t paillier_sub(PAILLIER_CTX *ctx, unsigned char **out,
     ret = size;
 
 err:
+    OPENSSL_free(buf);
     PAILLIER_CIPHERTEXT_free(c1);
     PAILLIER_CIPHERTEXT_free(c2);
     PAILLIER_CIPHERTEXT_free(r);