cert_create: fix memory leak bug caused by key container overwrite
In the current code, both key_load() and key_create() call key_new()
to allocate a key container (and they do not free it even if they
fail). If a specific key is not given by the command option,
key_load() fails, then key_create() is called. At this point, the
key container that has been allocated in key_load() is still alive,
and it is overwritten by a new key container created by key_create().
Move the key_new() call to the main() function to make sure it is
called just once for each descriptor.
While we are here, let's fix one more bug; the error handling code
ERROR("Malloc error while loading '%s'\n", keys[i].fn);
is wrong because keys[i].fn is NULL pointer unless a specific key is
given by the command option. This code could be run in either case.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
diff --git a/tools/cert_create/src/main.c b/tools/cert_create/src/main.c
index c58f41d..dac9e57 100644
--- a/tools/cert_create/src/main.c
+++ b/tools/cert_create/src/main.c
@@ -367,6 +367,11 @@
/* Load private keys from files (or generate new ones) */
for (i = 0 ; i < num_keys ; i++) {
+ if (!key_new(&keys[i])) {
+ ERROR("Failed to allocate key container\n");
+ exit(1);
+ }
+
/* First try to load the key from disk */
if (key_load(&keys[i], &err_code)) {
/* Key loaded successfully */
@@ -374,11 +379,7 @@
}
/* Key not loaded. Check the error code */
- if (err_code == KEY_ERR_MALLOC) {
- /* Cannot allocate memory. Abort. */
- ERROR("Malloc error while loading '%s'\n", keys[i].fn);
- exit(1);
- } else if (err_code == KEY_ERR_LOAD) {
+ if (err_code == KEY_ERR_LOAD) {
/* File exists, but it does not contain a valid private
* key. Abort. */
ERROR("Error loading '%s'\n", keys[i].fn);