
Commit a8fa845

Rust wrapper: ecc: fix possible resource leak in some error cases
Fix F-1062. If wolfSSL returns an error after initializing ECC struct with wc_ecc_init_ex(), wc_ecc_free() might not have been called in all cases. Move construction of the ECC struct earlier ahead of further wolfSSL calls after wc_ecc_init_ex() so if those subsequent wolfSSL calls return an error the Drop impl for ECC will be called to deinitialize.
1 parent 5ad6097 commit a8fa845

1 file changed

Lines changed: 38 additions & 43 deletions


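--- a/wrapper/rust/wolfssl-wolfcrypt/src/ecc.rs
+++ b/wrapper/rust/wolfssl-wolfcrypt/src/ecc.rs
@@ -427,15 +427,14 @@ impl ECC {
 if rc != 0 {
 return Err(rc);
 }
-let mut wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let mut ecc = ECC { wc_ecc_key };
 let rc = unsafe {
-sys::wc_ecc_make_key(&mut rng.wc_rng, size, &mut wc_ecc_key)
+sys::wc_ecc_make_key(&mut rng.wc_rng, size, &mut ecc.wc_ecc_key)
 };
 if rc != 0 {
-unsafe { sys::wc_ecc_free(&mut wc_ecc_key); }
 return Err(rc);
 }
-let ecc = ECC { wc_ecc_key };
 Ok(ecc)
 }
 
@@ -485,15 +484,14 @@ impl ECC {
 if rc != 0 {
 return Err(rc);
 }
-let mut wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let mut ecc = ECC { wc_ecc_key };
 let rc = unsafe {
-sys::wc_ecc_make_key_ex(&mut rng.wc_rng, size, &mut wc_ecc_key, curve_id)
+sys::wc_ecc_make_key_ex(&mut rng.wc_rng, size, &mut ecc.wc_ecc_key, curve_id)
 };
 if rc != 0 {
-unsafe { sys::wc_ecc_free(&mut wc_ecc_key); }
 return Err(rc);
 }
-let ecc = ECC { wc_ecc_key };
 Ok(ecc)
 }
 
@@ -544,15 +542,14 @@ impl ECC {
 if rc != 0 {
 return Err(rc);
 }
-let mut wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let mut ecc = ECC { wc_ecc_key };
 let rc = unsafe {
-sys::wc_ecc_make_key_ex2(&mut rng.wc_rng, size, &mut wc_ecc_key, curve_id, flags)
+sys::wc_ecc_make_key_ex2(&mut rng.wc_rng, size, &mut ecc.wc_ecc_key, curve_id, flags)
 };
 if rc != 0 {
-unsafe { sys::wc_ecc_free(&mut wc_ecc_key); }
 return Err(rc);
 }
-let ecc = ECC { wc_ecc_key };
 Ok(ecc)
 }
 
@@ -632,16 +629,16 @@ impl ECC {
 if rc != 0 {
 return Err(rc);
 }
-let mut wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let mut ecc = ECC { wc_ecc_key };
 let mut idx = 0u32;
 let der_size = der.len() as u32;
 let rc = unsafe {
-sys::wc_EccPrivateKeyDecode(der.as_ptr(), &mut idx, &mut wc_ecc_key, der_size)
+sys::wc_EccPrivateKeyDecode(der.as_ptr(), &mut idx, &mut ecc.wc_ecc_key, der_size)
 };
 if rc != 0 {
 return Err(rc);
 }
-let ecc = ECC { wc_ecc_key };
 Ok(ecc)
 }
 
@@ -695,16 +692,16 @@ impl ECC {
 if rc != 0 {
 return Err(rc);
 }
-let mut wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let mut ecc = ECC { wc_ecc_key };
 let mut idx = 0u32;
 let der_size = der.len() as u32;
 let rc = unsafe {
-sys::wc_EccPublicKeyDecode(der.as_ptr(), &mut idx, &mut wc_ecc_key, der_size)
+sys::wc_EccPublicKeyDecode(der.as_ptr(), &mut idx, &mut ecc.wc_ecc_key, der_size)
 };
 if rc != 0 {
 return Err(rc);
 }
-let ecc = ECC { wc_ecc_key };
 Ok(ecc)
 }
 
@@ -764,18 +761,18 @@ impl ECC {
 if rc != 0 {
 return Err(rc);
 }
-let mut wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let mut ecc = ECC { wc_ecc_key };
 let priv_size = priv_buf.len() as u32;
 let pub_ptr = if pub_buf.is_empty() {core::ptr::null()} else {pub_buf.as_ptr()};
 let pub_size = pub_buf.len() as u32;
 let rc = unsafe {
 sys::wc_ecc_import_private_key(priv_buf.as_ptr(), priv_size,
-pub_ptr, pub_size, &mut wc_ecc_key)
+pub_ptr, pub_size, &mut ecc.wc_ecc_key)
 };
 if rc != 0 {
 return Err(rc);
 }
-let ecc = ECC { wc_ecc_key };
 Ok(ecc)
 }
 
@@ -838,18 +835,18 @@ impl ECC {
 if rc != 0 {
 return Err(rc);
 }
-let mut wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let mut ecc = ECC { wc_ecc_key };
 let priv_size = priv_buf.len() as u32;
 let pub_ptr = if pub_buf.is_empty() {core::ptr::null()} else {pub_buf.as_ptr()};
 let pub_size = pub_buf.len() as u32;
 let rc = unsafe {
 sys::wc_ecc_import_private_key_ex(priv_buf.as_ptr(), priv_size,
-pub_ptr, pub_size, &mut wc_ecc_key, curve_id)
+pub_ptr, pub_size, &mut ecc.wc_ecc_key, curve_id)
 };
 if rc != 0 {
 return Err(rc);
 }
-let ecc = ECC { wc_ecc_key };
 Ok(ecc)
 }
 
@@ -897,19 +894,19 @@ impl ECC {
 if rc != 0 {
 return Err(rc);
 }
-let mut wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let mut ecc = ECC { wc_ecc_key };
 let qx_ptr = qx.as_ptr() as *const core::ffi::c_char;
 let qy_ptr = qy.as_ptr() as *const core::ffi::c_char;
 let d_ptr = d.as_ptr() as *const core::ffi::c_char;
 let curve_name_ptr = curve_name.as_ptr() as *const core::ffi::c_char;
 let rc = unsafe {
-sys::wc_ecc_import_raw(&mut wc_ecc_key, qx_ptr, qy_ptr, d_ptr,
+sys::wc_ecc_import_raw(&mut ecc.wc_ecc_key, qx_ptr, qy_ptr, d_ptr,
 curve_name_ptr)
 };
 if rc != 0 {
 return Err(rc);
 }
-let ecc = ECC { wc_ecc_key };
 Ok(ecc)
 }
 
@@ -957,18 +954,18 @@ impl ECC {
 if rc != 0 {
 return Err(rc);
 }
-let mut wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let mut ecc = ECC { wc_ecc_key };
 let qx_ptr = qx.as_ptr() as *const core::ffi::c_char;
 let qy_ptr = qy.as_ptr() as *const core::ffi::c_char;
 let d_ptr = d.as_ptr() as *const core::ffi::c_char;
 let rc = unsafe {
-sys::wc_ecc_import_raw_ex(&mut wc_ecc_key, qx_ptr, qy_ptr, d_ptr,
-curve_id)
+sys::wc_ecc_import_raw_ex(&mut ecc.wc_ecc_key, qx_ptr, qy_ptr,
+d_ptr, curve_id)
 };
 if rc != 0 {
 return Err(rc);
 }
-let ecc = ECC { wc_ecc_key };
 Ok(ecc)
 }
 
@@ -1025,15 +1022,15 @@ impl ECC {
 if rc != 0 {
 return Err(rc);
 }
-let mut wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let mut ecc = ECC { wc_ecc_key };
 let rc = unsafe {
-sys::wc_ecc_import_unsigned(&mut wc_ecc_key, qx.as_ptr(), qy.as_ptr(),
-d.as_ptr(), curve_id)
+sys::wc_ecc_import_unsigned(&mut ecc.wc_ecc_key, qx.as_ptr(),
+qy.as_ptr(), d.as_ptr(), curve_id)
 };
 if rc != 0 {
 return Err(rc);
 }
-let ecc = ECC { wc_ecc_key };
 Ok(ecc)
 }
 
@@ -1084,15 +1081,14 @@ impl ECC {
 if rc != 0 {
 return Err(rc);
 }
-let mut wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let mut ecc = ECC { wc_ecc_key };
 let rc = unsafe {
-sys::wc_ecc_import_x963(din.as_ptr(), din_size, &mut wc_ecc_key)
+sys::wc_ecc_import_x963(din.as_ptr(), din_size, &mut ecc.wc_ecc_key)
 };
 if rc != 0 {
-unsafe { sys::wc_ecc_free(&mut wc_ecc_key); }
 return Err(rc);
 }
-let ecc = ECC { wc_ecc_key };
 Ok(ecc)
 }
 
@@ -1148,15 +1144,14 @@ impl ECC {
 if rc != 0 {
 return Err(rc);
 }
-let mut wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let wc_ecc_key = unsafe { wc_ecc_key.assume_init() };
+let mut ecc = ECC { wc_ecc_key };
 let rc = unsafe {
-sys::wc_ecc_import_x963_ex(din.as_ptr(), din_size, &mut wc_ecc_key, curve_id)
+sys::wc_ecc_import_x963_ex(din.as_ptr(), din_size, &mut ecc.wc_ecc_key, curve_id)
 };
 if rc != 0 {
-unsafe { sys::wc_ecc_free(&mut wc_ecc_key); }
 return Err(rc);
 }
-let ecc = ECC { wc_ecc_key };
 Ok(ecc)
 }
 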
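Review bot: In the `wc_ecc_import_raw` and `wc_ecc_import_raw_ex` hunks, `qx`, `qy`, `d` and `curve_name` are cast from `as_ptr()` to `*const core::ffi::c_char` and passed to wolfSSL without any length, so the C side presumably reads each one up to a NUL byte, and nothing visible in these hunks checks that the Rust buffers end in one. Both function bodies start above their hunks, so the check may already exist there; if it does not, an unterminated input leads to a read past the end of the buffer inside the `unsafe` block. Assuming the parameters are `&[u8]`, a guard ahead of the FFI call such as `if qx.last() != Some(&0) { return Err(<bad-argument error code>); }` for each input would close that, and taking `&core::ffi::CStr` instead would move the guarantee into the type.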
