代码拉取完成,页面将自动刷新
From 07d280a83f5145017de4ebf6a2af21658e22fddf Mon Sep 17 00:00:00 2001
From: Veronika Hanulikova <[email protected]>
Date: Wed, 2 Mar 2022 10:32:48 +0100
Subject: [PATCH] Fix use after free
Causes errors "may be used after 'free'", since
`dec` is not allocated again after `free()`.
Also, removed assigning of `sizeof(dec)`, because
`dec` is not static array, but allocated.
---
ykcs11/tests/ykcs11_tests_util.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/ykcs11/tests/ykcs11_tests_util.c b/ykcs11/tests/ykcs11_tests_util.c
index e63091e9..530d9028 100644
--- a/ykcs11/tests/ykcs11_tests_util.c
+++ b/ykcs11/tests/ykcs11_tests_util.c
@@ -1193,7 +1193,7 @@ void test_rsa_decrypt(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_
CK_BYTE* data;
CK_BYTE enc[512] = {0};
CK_BYTE* dec;
- CK_ULONG dec_len;
+ CK_ULONG dec_len, dec_len_backup;
if(padding == RSA_NO_PADDING) {
data_len = RSA_size(rsak);
@@ -1228,12 +1228,14 @@ void test_rsa_decrypt(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_
// Decrypt Update
asrt(funcs->C_DecryptInit(session, &mech, obj_pvtkey[i]), CKR_OK, "DECRYPT INIT");
asrt(funcs->C_Login(session, CKU_CONTEXT_SPECIFIC, (CK_CHAR_PTR)"123456", 6), CKR_OK, "Re-Login USER");
- dec_len = sizeof(dec);
+ dec = malloc(dec_len);
+ dec_len_backup = dec_len;
asrt(funcs->C_DecryptUpdate(session, enc, 100, dec, &dec_len), CKR_OK, "DECRYPT UPDATE");
- dec_len = sizeof(dec);
+ dec_len = dec_len_backup;
asrt(funcs->C_DecryptUpdate(session, enc+100, 8, dec, &dec_len), CKR_OK, "DECRYPT UPDATE");
- dec_len = sizeof(dec);
+ dec_len = dec_len_backup;
asrt(funcs->C_DecryptUpdate(session, enc+108, 20, dec, &dec_len), CKR_OK, "DECRYPT UPDATE");
+ free(dec);
dec_len = 0;
asrt(funcs->C_DecryptFinal(session, NULL, &dec_len), CKR_OK, "DECRYPT FINAL");
dec = malloc(dec_len);
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手