anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-09 06:04:56 +02:00
Code Issues Releases Wiki Activity

pknock: fix return values and memleak in has_secret

Browse Source 
First, there is a memory leak - when the crypto functions fail,
hexresult was not freed. Second, in that error case, the return value
is simply passed up to the caller, ignoring the different meanings of
0 and 1 between crypto and pknock.
This commit is contained in:
Jan Engelhardt
2009-09-30 01:11:24 +02:00
parent 4b5f0b12d9
commit d116000784
1 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
extensions/xt_pknock.c
View File

@@ -737,7 +737,8 @@ has_secret(const unsigned char *secret, unsigned int secret_len, uint32_t ipsrc,
ret = crypto_hash_setkey(crypto.tfm, secret, secret_len); ret = crypto_hash_setkey(crypto.tfm, secret, secret_len);
if (ret) { if (ret) {
printk("crypto_hash_setkey() failed ret=%d\n", ret); printk("crypto_hash_setkey() failed ret=%d\n", ret);
return ret; ret = 0;
goto out;
} }
/* /*
@@ -748,20 +749,19 @@ has_secret(const unsigned char *secret, unsigned int secret_len, uint32_t ipsrc,
ret = crypto_hash_digest(&crypto.desc, sg, 8, result); ret = crypto_hash_digest(&crypto.desc, sg, 8, result);
if (ret) { if (ret) {
printk("crypto_hash_digest() failed ret=%d\n", ret); printk("crypto_hash_digest() failed ret=%d\n", ret);
return ret; ret = 0;
goto out;
} }
crypt_to_hex(hexresult, result, crypto.size); crypt_to_hex(hexresult, result, crypto.size);
if (memcmp(hexresult, payload, hexa_size) != 0) { if (memcmp(hexresult, payload, hexa_size) != 0) {
pr_debug("secret match failed\n"); pr_debug("secret match failed\n");
goto out; ret = 0;
} }
ret = 1; out:
kfree(hexresult);
out:
if (hexresult != NULL) kfree(hexresult);
return ret; return ret;
} }