[server] replay attack detection memory leak bug fix
authorMichael Rash <mbr@cipherdyne.org>
Sat, 28 Jul 2012 04:08:30 +0000 (00:08 -0400)
committerMichael Rash <mbr@cipherdyne.org>
Sat, 28 Jul 2012 04:08:30 +0000 (00:08 -0400)
This commit fixes the following memory leak found with valgrind:

44 bytes in 1 blocks are definitely lost in loss record 2 of 2
   at 0x482BE68: malloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
   by 0x490EA50: strdup (strdup.c:43)
   by 0x10CD69: incoming_spa (incoming_spa.c:162)
   by 0x10E000: process_packet (process_packet.c:200)
   by 0x4862E63: ??? (in /usr/lib/i386-linux-gnu/libpcap.so.1.1.1)
   by 0x4865667: pcap_dispatch (in /usr/lib/i386-linux-gnu/libpcap.so.1.1.1)
   by 0x10DABF: pcap_capture (pcap_capture.c:226)
   by 0x10A798: main (fwknopd.c:299)

server/incoming_spa.c

index 06f8558..018b914 100644 (file)
@@ -165,6 +165,7 @@ get_raw_digest(char **digest, char *pkt_data)
         return SPA_MSG_ERROR;
 
     fko_destroy(ctx);
+
     return res;
 }
 
@@ -284,7 +285,10 @@ incoming_spa(fko_srv_options_t *opts)
                 return;
 
             if (is_replay(opts, raw_digest) != SPA_MSG_SUCCESS)
+            {
+                free(raw_digest);
                 return;
+            }
     }
     else
     {