Allocate data returned by pkcs7_t.get_attribute()
authorMartin Willi <martin@revosec.ch>
Thu, 29 Nov 2012 10:29:46 +0000 (11:29 +0100)
committerMartin Willi <martin@revosec.ch>
Wed, 19 Dec 2012 09:32:08 +0000 (10:32 +0100)
src/libstrongswan/credentials/containers/pkcs7.h
src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.c
src/pki/commands/pkcs7.c
src/scepclient/scep.c

index d79650e..d42d82b 100644 (file)
@@ -41,9 +41,12 @@ struct pkcs7_t {
         * To select the signerInfo structure to get the attribute from, pass
         * the enumerator position from container_t.create_signature_enumerator().
         *
+        * The attribute returned does not contain type information and must be
+        * freed after use.
+        *
         * @param oid                   OID from the attribute to get
         * @param enumerator    enumerator to select signerInfo
-        * @param value                 chunk receiving attribute value, internal data
+        * @param value                 chunk receiving attribute value, allocated
         * @return                              TRUE if attribute found
         */
        bool (*get_attribute)(pkcs7_t *this, int oid, enumerator_t *enumerator,
index 4c963ab..2ef9708 100644 (file)
@@ -323,7 +323,7 @@ METHOD(pkcs7_t, get_attribute, bool,
                chunk = e->info->attributes->get_attribute(e->info->attributes, oid);
                if (chunk.len)
                {
-                       *value = chunk;
+                       *value = chunk_clone(chunk);
                        return TRUE;
                }
        }
index d5bee75..3d53ace 100644 (file)
@@ -114,6 +114,7 @@ static int verify(chunk_t chunk)
                                {
                                        fprintf(stderr, " at %T", &t, FALSE);
                                }
+                               free(data.ptr);
                        }
                        fprintf(stderr, "\n");
                }
index faaac88..62b244e 100644 (file)
@@ -85,6 +85,7 @@ void extract_attributes(pkcs7_t *pkcs7, enumerator_t *enumerator,
                        }
                }
                DBG2(DBG_APP, "messageType:  %s", msgType_names[attrs->msgType]);
+               free(attr.ptr);
        }
        if (pkcs7->get_attribute(pkcs7, OID_PKI_STATUS, enumerator, &attr))
        {
@@ -98,6 +99,7 @@ void extract_attributes(pkcs7_t *pkcs7, enumerator_t *enumerator,
                        }
                }
                DBG2(DBG_APP, "pkiStatus:    %s", pkiStatus_names[attrs->pkiStatus]);
+               free(attr.ptr);
        }
        if (pkcs7->get_attribute(pkcs7, OID_PKI_FAIL_INFO, enumerator, &attr))
        {
@@ -109,6 +111,7 @@ void extract_attributes(pkcs7_t *pkcs7, enumerator_t *enumerator,
                {
                        DBG1(DBG_APP, "failInfo:     %s", failInfo_reasons[attrs->failInfo]);
                }
+               free(attr.ptr);
        }
 
        pkcs7->get_attribute(pkcs7, OID_PKI_SENDER_NONCE, enumerator,