Fix cleanup of TR-31 context object

* After tr31_import() has allocated the optional block array, all error paths should call tr31_release() * If tr31_import() fails, the caller (in this case tr31-tool), should not call tr31_release() * Ensure that export tests always call tr31_release() upon error
openemv · Oct 14, 2023 · 3e665ec · 3e665ec
1 parent 9d86dfd
commit 3e665ec
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 4 deletions.
diff --git a/src/tr31-tool.c b/src/tr31-tool.c
@@ -838,7 +838,10 @@ static int do_tr31_import(const struct tr31_tool_options_t* options)
 
 	// cleanup
 	tr31_key_release(&kbpk);
-	tr31_release(&tr31_ctx);
+	if (!ret) {
+		// only cleanup TR-31 context object if tr31_import() was successful
+		tr31_release(&tr31_ctx);
+	}
 
 	return ret;
 }

diff --git a/src/tr31.c b/src/tr31.c
@@ -1299,7 +1299,8 @@ int tr31_import(
 	// So we'll use the encryption block size which is determined by the TR-31
 	// format version.
 	if (opt_blk_len_total & (enc_block_size-1)) {
-		return TR31_ERROR_INVALID_OPTIONAL_BLOCK_DATA;
+		r = TR31_ERROR_INVALID_OPTIONAL_BLOCK_DATA;
+		goto error;
 	}
 
 	// ensure that current pointer is valid for minimal payload and authenticator

diff --git a/test/tr31_export_test.c b/test/tr31_export_test.c
@@ -832,15 +832,15 @@ int main(void)
 				);
 				if (r) {
 					fprintf(stderr, "tr31_opt_block_add_CT() error %d: %s\n", r, tr31_get_error_string(r));
-					return 1;
+					goto exit;
 				}
 			}
 		}
 		if (test[i].opt_blk_HM) {
 			r = tr31_opt_block_add_HM(&test_tr31, test[i].opt_blk_HM);
 			if (r) {
 				fprintf(stderr, "tr31_opt_block_add_HM() error %d: %s\n", r, tr31_get_error_string(r));
-				return 1;
+				goto exit;
 			}
 		}
 		if (test[i].opt_blk_KC) {