From 482138feff6a6de0fd3aacd7a00dd0f35a086d41 Mon Sep 17 00:00:00 2001
From: Michael Vetter
Date: Thu, 4 Jul 2019 11:55:53 +0200
Subject: Free key on error in omemo_start_device_session_handle_bundle()

Fix:
```
==20561== 32 bytes in 1 blocks are definitely lost in loss record 1,467 of 3,678
==20561== at 0x483677F: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==20561== by 0x4B16C9: omemo_start_device_session_handle_bundle (omemo.c:167)
==20561== by 0x43405E: _iq_handler (iq.c:214)
==20561== by 0x5AF118E: ??? (in /usr/lib64/libmesode.so.0.0.0)
==20561== by 0x5AEDBDA: ??? (in /usr/lib64/libmesode.so.0.0.0)
==20561== by 0x5AFA43E: ??? (in /usr/lib64/libmesode.so.0.0.0)
==20561== by 0x6818AA4: ??? (in /usr/lib64/libexpat.so.1.6.8)
==20561== by 0x681A3AB: ??? (in /usr/lib64/libexpat.so.1.6.8)
==20561== by 0x681D7EB: XML_ParseBuffer (in /usr/lib64/libexpat.so.1.6.8)
==20561== by 0x5AF0A63: xmpp_run_once (in /usr/lib64/libmesode.so.0.0.0)
==20561== by 0x432E5D: connection_check_events (connection.c:104)
==20561== by 0x4323B3: session_process_events (session.c:255)
==20561== by 0x42C097: prof_run (profanity.c:128)
==20561== by 0x4B260D: main (main.c:172)
```
---
 src/xmpp/omemo.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/xmpp/omemo.c b/src/xmpp/omemo.c
index e0f2a70d..e44cc00e 100644
--- a/src/xmpp/omemo.c
+++ b/src/xmpp/omemo.c
@@ -168,13 +168,18 @@ omemo_start_device_session_handle_bundle(xmpp_stanza_t *const stanza, void *cons
 
 const char *prekey_id_text = xmpp_stanza_get_attribute(prekey, "preKeyId");
 if (!prekey_id_text) {
+ omemo_key_free(key);
 goto out;
 }
+
 key->id = strtoul(prekey_id_text, NULL, 10);
 xmpp_stanza_t *prekey_text = xmpp_stanza_get_children(prekey);
+
 if (!prekey_text) {
+ omemo_key_free(key);
 goto out;
 }
+
 char *prekey_b64 = xmpp_stanza_get_text(prekey_text);
 key->data = g_base64_decode(prekey_b64, &key->length);
 free(prekey_b64);
-- 
cgit 1.4.1-2-gfad0
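Review bot: Both new `omemo_key_free(key);` calls run before `key->data` is assigned, since the only visible write to it is the later `g_base64_decode()` line. The trace in the commit message puts the `malloc` at omemo.c:167 and the hunk starts at line 168, so no initialisation of the struct is visible between the allocation and the first early exit. If `omemo_key_free()` releases `key->data` (its body is outside this hunk), these paths would hand an indeterminate pointer to `free()`, and the bundle stanza that reaches them comes from a remote peer. I would add `key->data = NULL;` directly after the allocation, or zero-allocate the struct, so the cleanup is safe on every exit. The enclosing function starts and ends outside the hunk, so this should be confirmed against the full loop body.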