From 1b42f266d8402a8d733169af9c9b60fbb5bdb64c Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Wed, 6 Nov 2024 10:57:58 -0500 Subject: [PATCH] Fix memory leaks when tokens are missing In case we have slots advertized but the driver fails to return information or the token is not present we were leaking memory as the slot is not added to the array and the number of slots is not incremented. Ensure the slot struct is freed in this case. And ensure the slot is assigned and count incremented at the same time to avoid leaks from other error conditions. Signed-off-by: Simo Sorce --- src/slot.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/src/slot.c b/src/slot.c index ddab71ec..30f1d6df 100644 --- a/src/slot.c +++ b/src/slot.c @@ -182,19 +182,23 @@ CK_RV p11prov_init_slots(P11PROV_CTX *ctx, P11PROV_SLOTS_CTX **slots) ret = CKR_HOST_MEMORY; goto done; } - sctx->slots[sctx->num] = slot; ret = p11prov_GetSlotInfo(ctx, slotid[i], &slot->slot); if (ret != CKR_OK || (slot->slot.flags & CKF_TOKEN_PRESENT) == 0) { /* skip slot */ + OPENSSL_free(slot); continue; } ret = p11prov_GetTokenInfo(ctx, slotid[i], &slot->token); if (ret) { /* skip slot */ + OPENSSL_free(slot); continue; } + sctx->slots[sctx->num] = slot; + sctx->num++; + trim(slot->slot.slotDescription); trim(slot->slot.manufacturerID); trim(slot->token.label); @@ -243,8 +247,6 @@ CK_RV p11prov_init_slots(P11PROV_CTX *ctx, P11PROV_SLOTS_CTX **slots) P11PROV_debug_slot(ctx, slot->id, &slot->slot, &slot->token, slot->mechs, slot->nmechs, slot->profiles); - - sctx->num++; } done: @@ -348,9 +350,6 @@ void p11prov_free_slots(P11PROV_SLOTS_CTX *sctx) err); return; } - if (sctx->num == 0) { - return; - } for (int i = 0; i < sctx->num; i++) { p11prov_session_pool_free(sctx->slots[i]->pool); p11prov_obj_pool_free(sctx->slots[i]->objects);