aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJames Bottomley <James.Bottomley@HansenPartnership.com>2023-01-12 15:09:25 -0500
committerJames Bottomley <James.Bottomley@HansenPartnership.com>2023-01-12 15:52:42 -0500
commit46b76c90dae7d57f279cc298c49fc5e06cdf5e32 (patch)
treeec3ea054009a14dbf2c43399d60d5d7ff646e5c6
parent150a28b356a8079cf831f12e5fee9dae698fe9ef (diff)
downloadopenssl_tpm2_engine-46b76c90dae7d57f279cc298c49fc5e06cdf5e32.tar.gz
signed_tpm2_policy: fix double free
The routine tpm2_new_signed_policy() frees the key, which contains the policy, on success or failure meaning the TSSAUTHPOLICY has been freed after exit from this function and we trigger an error if we try to free it again. There's also a double free of the EVP_PKEY in tpm2_new_signed_policy(). Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Diffstat
-rw-r--r--signed_tpm2_policy.c3
-rw-r--r--tpm2-common.c1
2 files changed, 3 insertions, 1 deletions
diff --git a/signed_tpm2_policy.c b/signed_tpm2_policy.c
index 10c8157..1ddf9b4 100644
--- a/signed_tpm2_policy.c
+++ b/signed_tpm2_policy.c
@@ -230,6 +230,9 @@ int main(int argc, char **argv)
if (rc == 0)
exit(0);
+ /* tpm2_new_signed_policy frees the key which includes the policy */
+ goto out_err;
+
out_free_policy:
if (ap->name)
ASN1_UTF8STRING_free(ap->name);
diff --git a/tpm2-common.c b/tpm2-common.c
index e345c6a..cc57595 100644
--- a/tpm2-common.c
+++ b/tpm2-common.c
@@ -2332,7 +2332,6 @@ TPM_RC tpm2_new_signed_policy(char *tpmkey, char *policykey, char *engine,
BIO_free(bf);
TSSPRIVKEY_free(tpk);
- EVP_PKEY_free(pkey);
return 0;
err_free_tpmkey:
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-17 08:54:41 +0000