diff --git a/src/common.c b/src/common.c index 559b8cd..559d9ea 100644 --- a/src/common.c +++ b/src/common.c @@ -7,9 +7,6 @@ #include #include "common.h" -//#define MIN_KEY_SIZE (crypto_box_SECRETKEYBYTES < crypto_box_PUBLICKEYBYTES ? crypto_box_SECRETKEYBYTES : crypto_box_PUBLICKEYBYTES) -//#define MAX_KEY_SIZE (crypto_box_SECRETKEYBYTES > crypto_box_PUBLICKEYBYTES ? crypto_box_SECRETKEYBYTES : crypto_box_PUBLICKEYBYTES) - char *read_first_line(const char *filename) { FILE *stream; char *cipherstring; diff --git a/src/libexim-encrypt-dlfunc-decrypt-sealedbox.c b/src/libexim-encrypt-dlfunc-decrypt-sealedbox.c index e1371b4..fc36a58 100644 --- a/src/libexim-encrypt-dlfunc-decrypt-sealedbox.c +++ b/src/libexim-encrypt-dlfunc-decrypt-sealedbox.c @@ -7,10 +7,6 @@ #include #include "common.c" -/* A note on memory management: this code lacks calls to free() for every malloc()ed piece of memory. This is deliberate - * as these processes are short-lived and calling free() right before an exit() seems kind of moot. - */ - #define ENVVAR_SK_NAME "LIBEXIM_SECRETKEY" #define ENVVAR_PK_NAME "LIBEXIM_PUBLICKEY" @@ -144,8 +140,8 @@ int main(int argc, char *argv[]) { // read first non-option argument as ciphertext if present if (optind < argc) { size_t b64cipherstring_len = strlen(argv[optind]); - b64cipherstring = malloc(b64cipherstring_len); - sodium_memzero(b64cipherstring, b64cipherstring_len); + b64cipherstring = malloc(b64cipherstring_len + 1); + sodium_memzero(b64cipherstring, b64cipherstring_len + 1); strncpy(b64cipherstring, argv[optind], b64cipherstring_len); input |= INSTRING; } @@ -187,6 +183,8 @@ int main(int argc, char *argv[]) { fprintf(stderr, "[ERROR] Unable to base64-decode ciphertext.\n\n"); exit(EXIT_FAILURE); } + free(b64cipherstring); + // prepare buffer for cleartext size_t cleartext_len = cipherstring_len - crypto_box_SEALBYTES; unsigned char *cleartext = (unsigned char *) malloc(cleartext_len + 1); @@ -204,4 +202,7 @@ int main(int argc, char *argv[]) { } else { fprintf(stdout, "%s", (const char *) cleartext); } + + free(cleartext); + exit(EXIT_SUCCESS); } diff --git a/src/libexim-encrypt-dlfunc-decrypt-secretbox.c b/src/libexim-encrypt-dlfunc-decrypt-secretbox.c index b128110..7effde7 100644 --- a/src/libexim-encrypt-dlfunc-decrypt-secretbox.c +++ b/src/libexim-encrypt-dlfunc-decrypt-secretbox.c @@ -7,10 +7,6 @@ #include #include "common.c" -/* A note on memory management: this code lacks calls to free() for every malloc()ed piece of memory. This is deliberate - * as these processes are short-lived and calling free() right before an exit() seems kind of moot. - */ - #define ENVVAR_PASSWORD_NAME "LIBEXIM_PASSWORD" void print_usage(char *progname) { @@ -162,4 +158,7 @@ int main(int argc, char *argv[]) { } else { fprintf(stdout, "%s", (const char *) cleartext); } + + free(cleartext); + exit(EXIT_SUCCESS); } \ No newline at end of file diff --git a/src/test_libexim-encrypt-dlfunc.sh b/src/test_libexim-encrypt-dlfunc.sh index ac6878f..c7f0aaf 100755 --- a/src/test_libexim-encrypt-dlfunc.sh +++ b/src/test_libexim-encrypt-dlfunc.sh @@ -28,5 +28,5 @@ DECRYPTED=$(exim -C /dev/null -be "\${dlfunc{${LIB}}{sodium_crypto_box_seal_open if [ "${CLEARTEXT}" == "${DECRYPTED}" ] ; then echo "ok 2 - sealed_box test successful" else - echo "ok 2 - sealed_box test unsuccessful" + echo "not ok 2 - sealed_box test unsuccessful" fi