Added slightly better memory management after using meson […] -Db_sanitize=address.

2025-12-06 06:43:56 +01:00 · 2021-09-12 21:47:57 +02:00
parent 643f1a6719
commit 15de3a6204
4 changed files with 11 additions and 14 deletions
--- a/src/common.c
+++ b/src/common.c
@ -7,9 +7,6 @@
 #include <sodium.h>
 #include "common.h"

-//#define MIN_KEY_SIZE (crypto_box_SECRETKEYBYTES < crypto_box_PUBLICKEYBYTES ? crypto_box_SECRETKEYBYTES : crypto_box_PUBLICKEYBYTES)
-//#define MAX_KEY_SIZE (crypto_box_SECRETKEYBYTES > crypto_box_PUBLICKEYBYTES ? crypto_box_SECRETKEYBYTES : crypto_box_PUBLICKEYBYTES)
-
 char *read_first_line(const char *filename) {
    FILE *stream;
    char *cipherstring;
--- a/src/libexim-encrypt-dlfunc-decrypt-sealedbox.c
+++ b/src/libexim-encrypt-dlfunc-decrypt-sealedbox.c
@ -7,10 +7,6 @@
 #include <stdbool.h>
 #include "common.c"

-/* A note on memory management: this code lacks calls to free() for every malloc()ed piece of memory. This is deliberate
- * as these processes are short-lived and calling free() right before an exit() seems kind of moot.
- */
-
 #define ENVVAR_SK_NAME "LIBEXIM_SECRETKEY"
 #define ENVVAR_PK_NAME "LIBEXIM_PUBLICKEY"

@ -144,8 +140,8 @@ int main(int argc, char *argv[]) {
    // read first non-option argument as ciphertext if present
    if (optind < argc) {
        size_t b64cipherstring_len = strlen(argv[optind]);
-        b64cipherstring = malloc(b64cipherstring_len);
-        sodium_memzero(b64cipherstring, b64cipherstring_len);
+        b64cipherstring = malloc(b64cipherstring_len + 1);
+        sodium_memzero(b64cipherstring, b64cipherstring_len + 1);
        strncpy(b64cipherstring, argv[optind], b64cipherstring_len);
        input |= INSTRING;
    }
@ -187,6 +183,8 @@ int main(int argc, char *argv[]) {
        fprintf(stderr, "[ERROR] Unable to base64-decode ciphertext.\n\n");
        exit(EXIT_FAILURE);
    }
+    free(b64cipherstring);
+
    // prepare buffer for cleartext
    size_t cleartext_len = cipherstring_len - crypto_box_SEALBYTES;
    unsigned char *cleartext = (unsigned char *) malloc(cleartext_len + 1);
@ -204,4 +202,7 @@ int main(int argc, char *argv[]) {
    } else {
        fprintf(stdout, "%s", (const char *) cleartext);
    }
+
+    free(cleartext);
+    exit(EXIT_SUCCESS);
 }
--- a/src/libexim-encrypt-dlfunc-decrypt-secretbox.c
+++ b/src/libexim-encrypt-dlfunc-decrypt-secretbox.c
@ -7,10 +7,6 @@
 #include <stdbool.h>
 #include "common.c"

-/* A note on memory management: this code lacks calls to free() for every malloc()ed piece of memory. This is deliberate
- * as these processes are short-lived and calling free() right before an exit() seems kind of moot.
- */
-
 #define ENVVAR_PASSWORD_NAME "LIBEXIM_PASSWORD"

 void print_usage(char *progname) {
@ -162,4 +158,7 @@ int main(int argc, char *argv[]) {
    } else {
        fprintf(stdout, "%s", (const char *) cleartext);
    }
+
+    free(cleartext);
+    exit(EXIT_SUCCESS);
 }
--- a/src/test_libexim-encrypt-dlfunc.sh
+++ b/src/test_libexim-encrypt-dlfunc.sh
@ -28,5 +28,5 @@ DECRYPTED=$(exim -C /dev/null -be "\${dlfunc{${LIB}}{sodium_crypto_box_seal_open
 if [ "${CLEARTEXT}" == "${DECRYPTED}" ] ; then
 	echo "ok 2 - sealed_box test successful"
 else
-	echo "ok 2 - sealed_box test unsuccessful"
+	echo "not ok 2 - sealed_box test unsuccessful"
 fi