fix memory leak when gquic50 decrypt packet (#430)

* fix memory leak when gquic50 decrypt packet fix a suspicious memory leak in gquic and iquic * drop some redundant checking. Co-authored-by: linsc <linsc@wangus.com>
2022-11-18 22:21:43 +08:00 · 2022-11-18 22:21:43 +08:00 · 1a4edfcdc6
parent 755143fe4a
commit 1a4edfcdc6
2 changed files with 4 additions and 5 deletions
--- a/src/liblsquic/lsquic_enc_sess_ietf.c
+++ b/src/liblsquic/lsquic_enc_sess_ietf.c
@ -2252,7 +2252,7 @@ iquic_esf_decrypt_packet (enc_session_t *enc_session_p,
     *  These cipher suites have a 16-byte authentication tag and
     *  produce an output 16 bytes larger than their input.
     */
-    const size_t dst_sz = packet_in->pi_data_sz - 16;
+    const size_t dst_sz = packet_in->pi_data_sz - IQUIC_TAG_LEN;
    unsigned char new_secret[EVP_MAX_KEY_LENGTH];
    struct crypto_ctx crypto_ctx_buf;
    char secret_str[EVP_MAX_KEY_LENGTH * 2 + 1];
@ -2450,10 +2450,10 @@ iquic_esf_decrypt_packet (enc_session_t *enc_session_p,
        enc_sess->esi_key_phase = key_phase;
    }

-    packet_in->pi_data_sz = packet_in->pi_header_sz + out_sz;
    if (packet_in->pi_flags & PI_OWN_DATA)
        lsquic_mm_put_packet_in_buf(&enpub->enp_mm, packet_in->pi_data,
                                                        packet_in->pi_data_sz);
+    packet_in->pi_data_sz = packet_in->pi_header_sz + out_sz;
    packet_in->pi_data = dst;
    packet_in->pi_flags |= PI_OWN_DATA | PI_DECRYPTED
                        | (enc_level << PIBIT_ENC_LEV_SHIFT);
--- a/src/liblsquic/lsquic_handshake.c
+++ b/src/liblsquic/lsquic_handshake.c
@ -4179,7 +4179,7 @@ gquic2_esf_decrypt_packet (enc_session_t *enc_session_p,
    lsquic_packno_t packno;
    size_t out_sz;
    enum dec_packin dec_packin;
-    const size_t dst_sz = packet_in->pi_data_sz;
+    const size_t dst_sz = packet_in->pi_data_sz - IQUIC_TAG_LEN;
    char errbuf[ERR_ERROR_STRING_BUF_LEN];

    dst = lsquic_mm_get_packet_in_buf(&enpub->enp_mm, dst_sz);
@ -4270,11 +4270,10 @@ gquic2_esf_decrypt_packet (enc_session_t *enc_session_p,
    }

    /* Bits 2 and 3 are not set and don't need to be checked in gQUIC */
-
-    packet_in->pi_data_sz = packet_in->pi_header_sz + out_sz;
    if (packet_in->pi_flags & PI_OWN_DATA)
        lsquic_mm_put_packet_in_buf(&enpub->enp_mm, packet_in->pi_data,
                                                        packet_in->pi_data_sz);
+    packet_in->pi_data_sz = packet_in->pi_header_sz + out_sz;
    packet_in->pi_data = dst;
    packet_in->pi_flags |= PI_OWN_DATA | PI_DECRYPTED
                        | (gel2el[gel] << PIBIT_ENC_LEV_SHIFT);