cert_create: fix memory leak bug caused by key container overwrite
In the current code, both key_load() and key_create() call key_new()
to allocate a key container (and they do not free it even if they
fail). If a specific key is not given by the command option,
key_load() fails, then key_create() is called. At this point, the
key container that has been allocated in key_load() is still alive,
and it is overwritten by a new key container created by key_create().
Move the key_new() call to the main() function to make sure it is
called just once for each descriptor.
While we are here, let's fix one more bug; the error handling code
ERROR("Malloc error while loading '%s'\n", keys[i].fn);
is wrong because keys[i].fn is NULL pointer unless a specific key is
given by the command option. This code could be run in either case.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
diff --git a/tools/cert_create/src/key.c b/tools/cert_create/src/key.c
index a7ee759..47c152c 100644
--- a/tools/cert_create/src/key.c
+++ b/tools/cert_create/src/key.c
@@ -49,7 +49,7 @@
/*
* Create a new key container
*/
-static int key_new(key_t *key)
+int key_new(key_t *key)
{
/* Create key pair container */
key->key = EVP_PKEY_new();
@@ -123,11 +123,6 @@
return 0;
}
- /* Create OpenSSL key container */
- if (!key_new(key)) {
- return 0;
- }
-
if (key_create_fn[type]) {
return key_create_fn[type](key);
}
@@ -140,12 +135,6 @@
FILE *fp = NULL;
EVP_PKEY *k = NULL;
- /* Create OpenSSL key container */
- if (!key_new(key)) {
- *err_code = KEY_ERR_MALLOC;
- return 0;
- }
-
if (key->fn) {
/* Load key from file */
fp = fopen(key->fn, "r");