@@ -118,23 +118,26 @@ static ssize_t gen_essiv_salt(const void *iv, size_t iv_len, const void *key, si
cipher = EVP_aes_256_ecb();
if (!cipher) {
errmsg("OpenSSL: Cipher AES-256-ECB is not supported");
- return -1;
+ goto fail;
}
if (do_hash(EVP_sha256(), key, key_len, sha256) != 0) {
errmsg("sha256 failed");
- return -1;
+ goto fail;
}
ret = do_encrypt(cipher, iv, iv_len, sha256, EVP_MD_size(EVP_sha256()), NULL, 0, salt);
if (ret != iv_len) {
errmsg("Unable to compute ESSIV salt, return value %zi instead of %zi", ret, iv_len);
- return -1;
+ goto fail;
}
free(sha256);
return ret;
+fail:
+ free(sha256);
+ return -1;
}
static ssize_t encrypt_block(const void *plaintext, size_t size,
@@ -106,13 +106,19 @@ int encrypt_path(void **outbuf, void *data, unsigned int data_len,
memcpy(inbuf, data, data_len);
crypt_key = calc_fscrypt_subkey(fctx);
- if (!crypt_key)
+ if (!crypt_key) {
+ free(inbuf);
+ free(*outbuf);
return err_msg("could not compute subkey");
+ }
ret = fscrypt_cipher->encrypt_fname(inbuf, cryptlen,
crypt_key, *outbuf);
- if (ret < 0)
+ if (ret < 0) {
+ free(inbuf);
+ free(*outbuf);
return err_msg("could not encrypt filename");
+ }
free(crypt_key);
free(inbuf);
@@ -133,13 +139,19 @@ int encrypt_data_node(struct fscrypt_context *fctx, unsigned int block_no,
memcpy(inbuf, &dn->data, length);
crypt_key = calc_fscrypt_subkey(fctx);
- if (!crypt_key)
+ if (!crypt_key) {
+ free(inbuf);
+ free(outbuf);
return err_msg("could not compute subkey");
+ }
ret = fscrypt_cipher->encrypt_block(inbuf, pad_len,
crypt_key, block_no,
outbuf);
if (ret != pad_len) {
+ free(inbuf);
+ free(outbuf);
+ free(crypt_key);
return err_msg("encrypt_block returned %zi "
"instead of %zi", ret, pad_len);
}
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> --- ubifs-utils/mkfs.ubifs/crypto.c | 9 ++++++--- ubifs-utils/mkfs.ubifs/fscrypt.c | 18 +++++++++++++++--- 2 files changed, 21 insertions(+), 6 deletions(-)