Merge pull request #578 from dongbeiouba/fix/leak2

Fix resource leak issues
Tongsuo-Project · Feb 4, 2024 · da0fa86 · da0fa86
2 parents 8ad48a8 + c20fe7f
commit da0fa86
Show file tree

Hide file tree

Showing 8 changed files with 65 additions and 32 deletions.
diff --git a/crypto/zkp/bulletproofs/r1cs.c b/crypto/zkp/bulletproofs/r1cs.c
@@ -353,7 +353,7 @@ BP_R1CS_PROOF *BP_R1CS_PROOF_prove(BP_R1CS_CTX *ctx)
 
     bn_ctx = BN_CTX_new();
     if (bn_ctx == NULL)
-        return NULL;
+        goto err;
 
     BN_CTX_start(bn_ctx);
 

diff --git a/crypto/zkp/nizk/nizk_dlog_equality.c b/crypto/zkp/nizk/nizk_dlog_equality.c
@@ -201,6 +201,7 @@ int NIZK_DLOG_EQUALITY_PROOF_verify(NIZK_DLOG_EQUALITY_CTX *ctx, NIZK_DLOG_EQUAL
     if (bn_ctx == NULL)
         goto err;
 
+    BN_CTX_start(bn_ctx);
     e = BN_CTX_get(bn_ctx);
     bn1 = BN_CTX_get(bn_ctx);
     if (bn1 == NULL)
@@ -252,10 +253,11 @@ int NIZK_DLOG_EQUALITY_PROOF_verify(NIZK_DLOG_EQUALITY_CTX *ctx, NIZK_DLOG_EQUAL
 
     ret = 1;
 err:
+    BN_CTX_end(bn_ctx);
+    BN_CTX_free(bn_ctx);
     EC_POINT_free(L);
     EC_POINT_free(R);
     zkp_poly_points_free(poly);
     ZKP_TRANSCRIPT_reset(transcript);
     return ret;
 }
-
diff --git a/crypto/zkp/nizk/nizk_dlog_knowledge.c b/crypto/zkp/nizk/nizk_dlog_knowledge.c
@@ -125,6 +125,7 @@ NIZK_DLOG_KNOWLEDGE_PROOF *NIZK_DLOG_KNOWLEDGE_PROOF_prove(NIZK_DLOG_KNOWLEDGE_C
     if (bn_ctx == NULL)
         goto err;
 
+    BN_CTX_start(bn_ctx);
     a = BN_CTX_get(bn_ctx);
     e = BN_CTX_get(bn_ctx);
     t = BN_CTX_get(bn_ctx);
@@ -152,6 +153,7 @@ NIZK_DLOG_KNOWLEDGE_PROOF *NIZK_DLOG_KNOWLEDGE_PROOF_prove(NIZK_DLOG_KNOWLEDGE_C
     ret = proof;
     proof = NULL;
 err:
+    BN_CTX_end(bn_ctx);
     BN_CTX_free(bn_ctx);
     NIZK_DLOG_KNOWLEDGE_PROOF_free(proof);
     ZKP_TRANSCRIPT_reset(transcript);
@@ -186,6 +188,7 @@ int NIZK_DLOG_KNOWLEDGE_PROOF_verify(NIZK_DLOG_KNOWLEDGE_CTX *ctx,
     if (bn_ctx == NULL)
         goto err;
 
+    BN_CTX_start(bn_ctx);
     e = BN_CTX_get(bn_ctx);
     bn1 = BN_CTX_get(bn_ctx);
     bn_1 = BN_CTX_get(bn_ctx);
@@ -223,6 +226,8 @@ int NIZK_DLOG_KNOWLEDGE_PROOF_verify(NIZK_DLOG_KNOWLEDGE_CTX *ctx,
 
     ret = 1;
 err:
+    BN_CTX_end(bn_ctx);
+    BN_CTX_free(bn_ctx);
     EC_POINT_free(L);
     EC_POINT_free(R);
     zkp_poly_points_free(poly);

diff --git a/crypto/zkp/nizk/nizk_encode.c b/crypto/zkp/nizk/nizk_encode.c
@@ -340,12 +340,17 @@ size_t NIZK_PLAINTEXT_KNOWLEDGE_PROOF_encode(const NIZK_PLAINTEXT_KNOWLEDGE_PROO
     }
 
     sk_point = sk_EC_POINT_new_reserve(NULL, 2);
-    sk_bn = sk_BIGNUM_new_reserve(NULL, 2);
-    if (sk_point == NULL || sk_bn == NULL) {
+    if (sk_point == NULL) {
         ERR_raise(ERR_LIB_ZKP_NIZK, ERR_R_MALLOC_FAILURE);
         return 0;
     }
 
+    sk_bn = sk_BIGNUM_new_reserve(NULL, 2);
+    if (sk_bn == NULL) {
+        ERR_raise(ERR_LIB_ZKP_NIZK, ERR_R_MALLOC_FAILURE);
+        goto end;
+    }
+
     if ((curve_id = EC_POINT_get_curve_name(proof->A)) == NID_undef) {
         ERR_raise(ERR_LIB_ZKP_NIZK, ERR_R_PASSED_INVALID_ARGUMENT);
         goto end;
@@ -537,12 +542,17 @@ size_t NIZK_PLAINTEXT_EQUALITY_PROOF_encode(const NIZK_PLAINTEXT_EQUALITY_PROOF
     }
 
     sk_point = sk_EC_POINT_dup(proof->sk_A);
-    sk_bn = sk_BIGNUM_new_reserve(NULL, 2);
-    if (sk_point == NULL || sk_bn == NULL) {
+    if (sk_point == NULL) {
         ERR_raise(ERR_LIB_ZKP_NIZK, ERR_R_MALLOC_FAILURE);
         return 0;
     }
 
+    sk_bn = sk_BIGNUM_new_reserve(NULL, 2);
+    if (sk_bn == NULL) {
+        ERR_raise(ERR_LIB_ZKP_NIZK, ERR_R_MALLOC_FAILURE);
+        goto end;
+    }
+
     if ((curve_id = EC_POINT_get_curve_name(proof->B)) == NID_undef) {
         ERR_raise(ERR_LIB_ZKP_NIZK, ERR_R_PASSED_INVALID_ARGUMENT);
         goto end;
@@ -732,12 +742,17 @@ size_t NIZK_DLOG_KNOWLEDGE_PROOF_encode(const NIZK_DLOG_KNOWLEDGE_PROOF *proof,
     }
 
     sk_point = sk_EC_POINT_new_reserve(NULL, 1);
-    sk_bn = sk_BIGNUM_new_reserve(NULL, 1);
-    if (sk_point == NULL || sk_bn == NULL) {
+    if (sk_point == NULL) {
         ERR_raise(ERR_LIB_ZKP_NIZK, ERR_R_MALLOC_FAILURE);
         return 0;
     }
 
+    sk_bn = sk_BIGNUM_new_reserve(NULL, 1);
+    if (sk_bn == NULL) {
+        ERR_raise(ERR_LIB_ZKP_NIZK, ERR_R_MALLOC_FAILURE);
+        goto end;
+    }
+
     if ((curve_id = EC_POINT_get_curve_name(proof->A)) == NID_undef) {
         ERR_raise(ERR_LIB_ZKP_NIZK, ERR_R_PASSED_INVALID_ARGUMENT);
         goto end;
@@ -925,12 +940,17 @@ size_t NIZK_DLOG_EQUALITY_PROOF_encode(const NIZK_DLOG_EQUALITY_PROOF *proof,
     }
 
     sk_point = sk_EC_POINT_new_reserve(NULL, 2);
-    sk_bn = sk_BIGNUM_new_reserve(NULL, 1);
-    if (sk_point == NULL || sk_bn == NULL) {
+    if (sk_point == NULL) {
         ERR_raise(ERR_LIB_ZKP_NIZK, ERR_R_MALLOC_FAILURE);
         return 0;
     }
 
+    sk_bn = sk_BIGNUM_new_reserve(NULL, 1);
+    if (sk_bn == NULL) {
+        ERR_raise(ERR_LIB_ZKP_NIZK, ERR_R_MALLOC_FAILURE);
+        goto end;
+    }
+
     if ((curve_id = EC_POINT_get_curve_name(proof->A1)) == NID_undef) {
         ERR_raise(ERR_LIB_ZKP_NIZK, ERR_R_PASSED_INVALID_ARGUMENT);
         goto end;

diff --git a/crypto/zkp/nizk/nizk_plaintext_equality.c b/crypto/zkp/nizk/nizk_plaintext_equality.c
@@ -275,6 +275,7 @@ int NIZK_PLAINTEXT_EQUALITY_PROOF_verify(NIZK_PLAINTEXT_EQUALITY_CTX *ctx,
     if (bn_ctx == NULL)
         goto err;
 
+    BN_CTX_start(bn_ctx);
     e = BN_CTX_get(bn_ctx);
     bn1 = BN_CTX_get(bn_ctx);
     if (bn1 == NULL)
@@ -348,6 +349,8 @@ int NIZK_PLAINTEXT_EQUALITY_PROOF_verify(NIZK_PLAINTEXT_EQUALITY_CTX *ctx,
 
     ret = 1;
 err:
+    BN_CTX_end(bn_ctx);
+    BN_CTX_free(bn_ctx);
     EC_POINT_free(L);
     EC_POINT_free(R);
     zkp_poly_points_free(poly);

diff --git a/providers/smtc/self_test.c b/providers/smtc/self_test.c
@@ -358,6 +358,8 @@ int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test)
     }
     ok = 1;
 end:
+    OPENSSL_free(password);
+    OPENSSL_free(salt);
     OSSL_SELF_TEST_free(ev);
     OPENSSL_free(module_checksum);
 

diff --git a/test/bulletproofs_test.c b/test/bulletproofs_test.c
@@ -74,10 +74,10 @@ static int r1cs_example_logic2(BP_R1CS_CTX *ctx,
         return 0;
     }
 
-    if (!(a = BP_R1CS_LINEAR_COMBINATION_dup(lc->a1))
-        || !(b = BP_R1CS_LINEAR_COMBINATION_dup(lc->b1))
-        || !(c = BP_R1CS_LINEAR_COMBINATION_dup(lc->c1))) {
-        return 0;
+    if ((a = BP_R1CS_LINEAR_COMBINATION_dup(lc->a1)) == NULL
+        || (b = BP_R1CS_LINEAR_COMBINATION_dup(lc->b1)) == NULL
+        || (c = BP_R1CS_LINEAR_COMBINATION_dup(lc->c1)) == NULL) {
+        goto err;
     }
 
     if (!BP_R1CS_LINEAR_COMBINATION_mul(a, lc->a2, ctx)
@@ -112,10 +112,10 @@ static int r1cs_example_logic3(BP_R1CS_CTX *ctx,
         return 0;
     }
 
-    if (!(a = BP_R1CS_LINEAR_COMBINATION_dup(lc->a1))
-        || !(b = BP_R1CS_LINEAR_COMBINATION_dup(lc->b1))
-        || !(c = BP_R1CS_LINEAR_COMBINATION_dup(lc->c1))) {
-        return 0;
+    if ((a = BP_R1CS_LINEAR_COMBINATION_dup(lc->a1)) == NULL
+        || (b = BP_R1CS_LINEAR_COMBINATION_dup(lc->b1)) == NULL
+        || (c = BP_R1CS_LINEAR_COMBINATION_dup(lc->c1)) == NULL) {
+        goto err;
     }
 
     if (!BP_R1CS_LINEAR_COMBINATION_mul(a, lc->a2, ctx)
@@ -156,10 +156,10 @@ static int r1cs_example_logic4(BP_R1CS_CTX *ctx,
 
     BN_set_word(bn7, 7);
 
-    if (!(a = BP_R1CS_LINEAR_COMBINATION_dup(lc->a1))
-        || !(b = BP_R1CS_LINEAR_COMBINATION_dup(lc->b1))
-        || !(c = BP_R1CS_LINEAR_COMBINATION_dup(lc->c1))) {
-        return 0;
+    if ((a = BP_R1CS_LINEAR_COMBINATION_dup(lc->a1)) == NULL
+        || (b = BP_R1CS_LINEAR_COMBINATION_dup(lc->b1)) == NULL
+        || (c = BP_R1CS_LINEAR_COMBINATION_dup(lc->c1)) == NULL) {
+        goto err;
     }
 
     if (!BP_R1CS_LINEAR_COMBINATION_mul(a, lc->a2, ctx)
@@ -202,10 +202,10 @@ static int r1cs_example_logic5(BP_R1CS_CTX *ctx,
 
     BN_set_word(bn7, 7);
 
-    if (!(a = BP_R1CS_LINEAR_COMBINATION_dup(lc->a1))
-        || !(b = BP_R1CS_LINEAR_COMBINATION_dup(lc->b1))
-        || !(c = BP_R1CS_LINEAR_COMBINATION_dup(lc->c1))) {
-        return 0;
+    if ((a = BP_R1CS_LINEAR_COMBINATION_dup(lc->a1)) == NULL
+        || (b = BP_R1CS_LINEAR_COMBINATION_dup(lc->b1)) == NULL
+        || (c = BP_R1CS_LINEAR_COMBINATION_dup(lc->c1)) == NULL) {
+        goto err;
     }
 
     if (!BP_R1CS_LINEAR_COMBINATION_mul(a, lc->a2, ctx)
@@ -279,9 +279,8 @@ static int r1cs_example_logic7(BP_R1CS_CTX *ctx,
 
     BN_set_word(bn10, 10);
 
-    if (!(a = BP_R1CS_LINEAR_COMBINATION_dup(lc->a1))) {
-        return 0;
-    }
+    if ((a = BP_R1CS_LINEAR_COMBINATION_dup(lc->a1)) == NULL)
+        goto err;
 
     if (!BP_R1CS_LINEAR_COMBINATION_mul(a, lc->a2, ctx)
         || !BP_R1CS_LINEAR_COMBINATION_sub_bn(a, bn10)
@@ -311,9 +310,8 @@ static int r1cs_example_logic8(BP_R1CS_CTX *ctx,
         return 0;
     }
 
-    if (!(a = BP_R1CS_LINEAR_COMBINATION_dup(lc->a1))) {
-        return 0;
-    }
+    if ((a = BP_R1CS_LINEAR_COMBINATION_dup(lc->a1)) == NULL)
+        goto err;
 
     if (!BP_R1CS_LINEAR_COMBINATION_add(a, lc->b1)
         || !BP_R1CS_LINEAR_COMBINATION_add(a, lc->c1)
@@ -1105,6 +1103,8 @@ static int r1cs_range_logic(BP_R1CS_CTX *ctx, int64_t *value, int32_t bits,
 
     BN_free(l);
     BN_free(r);
+    BN_free(bn_1);
+    BN_free(pow_2);
 
     return ret;
 }

diff --git a/test/paillier_internal_test.c b/test/paillier_internal_test.c
@@ -88,6 +88,7 @@ static size_t paillier_encrypt(PAILLIER_CTX *ctx,
     ret = size;
 
 err:
+    OPENSSL_free(buf);
     PAILLIER_CIPHERTEXT_free(r);
     return ret;
 }