osmocom
/
wireshark
11
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Make sure each value in a GHashTable is unique. This avoids a 

double-free bug triggered by using the "any" address wildcard.

Use g_malloc0 instead of zeroing elements by hand. Check for SSL_FAST
the same way everywhere.

svn path=/trunk/; revision=40365
This commit is contained in:
Gerald Combs 2012-01-04 00:37:14 +00:00
parent c7db6a5d4d
commit 19e493c049
1 changed files with 19 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
epan/dissectors/packet-ssl-utils.c
View File

@ -2405,7 +2405,7 @@ ssl_privkey_to_sexp(struct gnutls_x509_privkey_int* priv_key)
{
gnutls_datum_t rsa_datum[RSA_PARS]; /* m, e, d, p, q, u */
size_t tmp_size;
gcry_sexp_t rsa_priv_key;
gcry_sexp_t rsa_priv_key = NULL;
gint major, minor, patch;
gint i, p_idx, q_idx;
int ret;
@ -2486,7 +2486,7 @@ ssl_privkey_to_sexp(struct gnutls_x509_privkey_int* priv_key)
return NULL;
}
#if SSL_FAST
#ifdef SSL_FAST
return rsa_params;
#else
for (i=0; i< 6; i++)
@ -2508,10 +2508,7 @@ ssl_load_key(FILE* fp)
gint size;
guint bytes;
Ssl_private_key_t *private_key = g_malloc(sizeof(Ssl_private_key_t));
private_key->x509_cert = 0;
private_key->x509_pkey = 0;
private_key->sexp_pkey = 0;
Ssl_private_key_t *private_key = g_malloc0(sizeof(Ssl_private_key_t));
/* init private key data*/
gnutls_x509_privkey_init(&priv_key);
@ -2601,10 +2598,7 @@ ssl_load_pkcs12(FILE* fp, const gchar *cert_passwd) {
gnutls_x509_crt_t ssl_cert = NULL;
gnutls_x509_privkey_t ssl_pkey = NULL;
Ssl_private_key_t *private_key = g_malloc(sizeof(Ssl_private_key_t));
private_key->x509_cert = 0;
private_key->x509_pkey = 0;
private_key->sexp_pkey = 0;
Ssl_private_key_t *private_key = g_malloc0(sizeof(Ssl_private_key_t));
rest = 4096;
data.data = g_malloc(rest);
@ -2747,7 +2741,7 @@ ssl_load_pkcs12(FILE* fp, const gchar *cert_passwd) {
void ssl_free_key(Ssl_private_key_t* key)
{
#if SSL_FAST
#ifdef SSL_FAST
gint i;
for (i=0; i< 6; i++)
gcry_mpi_release(key->sexp_pkey[i]);
@ -3252,19 +3246,6 @@ ssl_parse_key_list(const ssldecrypt_assoc_t * uats, GHashTable *key_hash, GTree*
return;
}
if ((gint)strlen(uats->password) == 0) {
private_key = ssl_load_key(fp);
} else {
private_key = ssl_load_pkcs12(fp, uats->password);
}
fclose(fp);
if (!private_key) {
fprintf(stderr,"Can't load private key from %s\n", uats->keyfile);
return;
}
for (at = 0; at < 2; at++) {
memset(addr_data, 0, sizeof(addr_data));
addr_len = 0;
@ -3289,6 +3270,18 @@ ssl_parse_key_list(const ssldecrypt_assoc_t * uats, GHashTable *key_hash, GTree*
continue;
}
if ((gint)strlen(uats->password) == 0) {
private_key = ssl_load_key(fp);
} else {
private_key = ssl_load_pkcs12(fp, uats->password);
}
if (!private_key) {
fprintf(stderr,"Can't load private key from %s\n", uats->keyfile);
fclose(fp);
return;
}
service = g_malloc(sizeof(SslService) + addr_len);
service->addr.type = addr_type[at];
service->addr.len = addr_len;
@ -3318,6 +3311,8 @@ ssl_parse_key_list(const ssldecrypt_assoc_t * uats, GHashTable *key_hash, GTree*
ssl_association_add(associations, handle, service->port, uats->protocol, tcp, TRUE);
}
fclose(fp);
}
/* store master secret into session data cache */