diff options
author | K1 <dongbeiouba@gmail.com> | 2022-06-08 16:41:16 +0800 |
---|---|---|
committer | Todd Short <todd.short@me.com> | 2022-06-15 10:59:07 -0400 |
commit | 8358ad79d6ce7689ef6adf7ecb651e67a11f9b1a (patch) | |
tree | 8c8db365e2f783582ca939d91f83670d559760f5 /test | |
parent | 414f66f0e4ed9a2ceef116709d3c4471fbf7eb76 (diff) |
Fix a mem leak in evp_pkey_export_to_provider
If keymgmt is NULL, tmp_keymgmt is allocated and will not be freed.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/18499)
(cherry picked from commit 115eb945acd9a27bf81c6c8923f43768f9e487a8)
Diffstat (limited to 'test')
-rw-r--r-- | test/keymgmt_internal_test.c | 66 | ||||
-rw-r--r-- | test/recipes/02-test_internal_keymgmt.t | 9 |
2 files changed, 72 insertions, 3 deletions
diff --git a/test/keymgmt_internal_test.c b/test/keymgmt_internal_test.c index dd0de2f599..0f2030e61f 100644 --- a/test/keymgmt_internal_test.c +++ b/test/keymgmt_internal_test.c @@ -19,6 +19,7 @@ #include <openssl/bn.h> #include <openssl/rsa.h> #include <openssl/evp.h> +#include <openssl/pem.h> #include <openssl/provider.h> #include <openssl/core_names.h> #include "internal/core.h" @@ -33,6 +34,9 @@ typedef struct { OSSL_PROVIDER *prov2; } FIXTURE; +/* Collected arguments */ +static const char *cert_filename = NULL; + static void tear_down(FIXTURE *fixture) { if (fixture != NULL) { @@ -285,8 +289,70 @@ static int test_pass_key(int n) return result; } +static int test_evp_pkey_export_to_provider(int n) +{ + OSSL_LIB_CTX *libctx = NULL; + OSSL_PROVIDER *prov = NULL; + X509 *cert = NULL; + BIO *bio = NULL; + X509_PUBKEY *pubkey = NULL; + EVP_KEYMGMT *keymgmt = NULL; + EVP_PKEY *pkey = NULL; + void *keydata = NULL; + int ret = 0; + + if (!TEST_ptr(libctx = OSSL_LIB_CTX_new()) + || !TEST_ptr(prov = OSSL_PROVIDER_load(libctx, "default"))) + goto end; + + if ((bio = BIO_new_file(cert_filename, "r")) == NULL) { + TEST_error("Couldn't open '%s' for reading\n", cert_filename); + TEST_openssl_errors(); + goto end; + } + + if ((cert = PEM_read_bio_X509(bio, NULL, NULL, NULL)) == NULL) { + TEST_error("'%s' doesn't appear to be a X.509 certificate in PEM format\n", + cert_filename); + TEST_openssl_errors(); + goto end; + } + + pubkey = X509_get_X509_PUBKEY(cert); + pkey = X509_PUBKEY_get0(pubkey); + + if (n == 0) { + if (!TEST_ptr(keydata = evp_pkey_export_to_provider(pkey, NULL, + NULL, NULL))) + goto end; + } else if (n == 1) { + if (!TEST_ptr(keydata = evp_pkey_export_to_provider(pkey, NULL, + &keymgmt, NULL))) + goto end; + } else { + keymgmt = EVP_KEYMGMT_fetch(libctx, "RSA", NULL); + + if (!TEST_ptr(keydata = evp_pkey_export_to_provider(pkey, NULL, + &keymgmt, NULL))) + goto end; + } + + ret = 1; + end: + BIO_free(bio); + X509_free(cert); + EVP_KEYMGMT_free(keymgmt); + OSSL_PROVIDER_unload(prov); + OSSL_LIB_CTX_free(libctx); + return ret; +} + int setup_tests(void) { + if (!TEST_ptr(cert_filename = test_get_argument(0))) + return 0; + ADD_ALL_TESTS(test_pass_key, 1); + ADD_ALL_TESTS(test_evp_pkey_export_to_provider, 3); return 1; } diff --git a/test/recipes/02-test_internal_keymgmt.t b/test/recipes/02-test_internal_keymgmt.t index 269f624467..28f510f164 100644 --- a/test/recipes/02-test_internal_keymgmt.t +++ b/test/recipes/02-test_internal_keymgmt.t @@ -7,12 +7,15 @@ # https://www.openssl.org/source/license.html use strict; -use OpenSSL::Test qw(:DEFAULT bldtop_dir); -use OpenSSL::Test::Simple; +use OpenSSL::Test qw(:DEFAULT bldtop_dir srctop_file); use OpenSSL::Test::Utils; setup("test_internal_keymgmt"); +plan tests => 1; + $ENV{OPENSSL_MODULES} = bldtop_dir("test"); -simple_test("test_internal_keymgmt", "keymgmt_internal_test"); +ok(run(test(["keymgmt_internal_test", + srctop_file("test", "certs", "ee-cert.pem")])), + "running test_internal_keymgmt"); |