From: "Luis R. Rodriguez" <mcgrof@xxxxxxxxxxxxxxxx>
This fixes 6 of 10 reported valgrind errors when
crda_verify_db_signature() is used through regdbdump.
Signed-off-by: Luis R. Rodriguez <mcgrof at do-not-panic.com>
---
reglib.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/reglib.c b/reglib.c
index 17e3f31..634525b 100644
--- a/reglib.c
+++ b/reglib.c
@@ -135,13 +135,14 @@ int crda_verify_db_signature(uint8_t *db, int dblen, int siglen)
if (gcry_sexp_build(&data, NULL, "(data (flags pkcs1) (hash sha1 %b))",
20, hash)) {
fprintf(stderr, "Failed to build data S-expression.\n");
- goto out;
+ return ok;
}
if (gcry_sexp_build(&signature, NULL, "(sig-val (rsa (s %b)))",
siglen, db + dblen)) {
fprintf(stderr, "Failed to build signature S-expression.\n");
- goto out;
+ gcry_sexp_release(data);
+ return ok;
}
for (i = 0; (i < sizeof(keys)/sizeof(keys[0])) && (!ok); i++) {
@@ -161,12 +162,15 @@ int crda_verify_db_signature(uint8_t *db, int dblen, int siglen)
}
ok = gcry_pk_verify(signature, data, rsa) == 0;
+ gcry_sexp_release(rsa);
}
if (!ok)
fprintf(stderr, "Database signature verification failed.\n");
out:
+ gcry_sexp_release(data);
+ gcry_sexp_release(signature);
return ok;
}
#endif /* USE_GCRYPT */
--
1.7.10.4
