Commit f48dc74c authored by Luis R. Rodriguez's avatar Luis R. Rodriguez

crda: use gcry_sexp_release() on crda_verify_db_signature()

This fixes 6 of 10 reported valgrind errors when
crda_verify_db_signature() is used through regdbdump.
Signed-off-by: 's avatarLuis R. Rodriguez <mcgrof@do-not-panic.com>
parent 052b8792
......@@ -135,13 +135,14 @@ int crda_verify_db_signature(uint8_t *db, int dblen, int siglen)
if (gcry_sexp_build(&data, NULL, "(data (flags pkcs1) (hash sha1 %b))",
20, hash)) {
fprintf(stderr, "Failed to build data S-expression.\n");
goto out;
return ok;
}
if (gcry_sexp_build(&signature, NULL, "(sig-val (rsa (s %b)))",
siglen, db + dblen)) {
fprintf(stderr, "Failed to build signature S-expression.\n");
goto out;
gcry_sexp_release(data);
return ok;
}
for (i = 0; (i < sizeof(keys)/sizeof(keys[0])) && (!ok); i++) {
......@@ -161,12 +162,15 @@ int crda_verify_db_signature(uint8_t *db, int dblen, int siglen)
}
ok = gcry_pk_verify(signature, data, rsa) == 0;
gcry_sexp_release(rsa);
}
if (!ok)
fprintf(stderr, "Database signature verification failed.\n");
out:
gcry_sexp_release(data);
gcry_sexp_release(signature);
return ok;
}
#endif /* USE_GCRYPT */
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment