summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHung-ying Tyan2018-06-08 04:53:48 -0500
committerandroid-build-team Robot2018-06-26 18:44:29 -0500
commitfd547ab6ce39423fc99524f391d709f428673d1f (patch)
tree1ad51c12ccc1b15fd4520e8fb1c4f0c748d3857c
parent8bc26926ffe0c2b385b3c162f5aefd18b4ce9d69 (diff)
downloadplatform-hardware-interfaces-fd547ab6ce39423fc99524f391d709f428673d1f.tar.gz
platform-hardware-interfaces-fd547ab6ce39423fc99524f391d709f428673d1f.tar.xz
platform-hardware-interfaces-fd547ab6ce39423fc99524f391d709f428673d1f.zip
Fix free() in keymaster VTS
The buffer is allocated by OPENSSL_malloc() in X509_NAME_oneline(name, nullptr, 0). Should be reclaimed by OPENSSL_free() instead of free(). The patch is provided by vink.shen@mediatek.corp-partner.google.com Bug: 109708231 Test: build pass Change-Id: I66a864e3e28905eebac2e7d3a4517d4d5aaa39df (cherry picked from commit 79db3ec849c5f1142a0802dccfff6cbef564ff76)
-rw-r--r--keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp7
-rw-r--r--keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp7
2 files changed, 8 insertions, 6 deletions
diff --git a/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
index 3a181a96..7cdf253b 100644
--- a/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
@@ -20,6 +20,7 @@
20#include <iostream> 20#include <iostream>
21 21
22#include <openssl/evp.h> 22#include <openssl/evp.h>
23#include <openssl/mem.h>
23#include <openssl/x509.h> 24#include <openssl/x509.h>
24 25
25#include <android/hardware/keymaster/3.0/IKeymasterDevice.h> 26#include <android/hardware/keymaster/3.0/IKeymasterDevice.h>
@@ -322,11 +323,11 @@ bool verify_chain(const hidl_vec<hidl_vec<uint8_t>>& chain) {
322 char* cert_sub = X509_NAME_oneline(X509_get_subject_name(key_cert.get()), nullptr, 0); 323 char* cert_sub = X509_NAME_oneline(X509_get_subject_name(key_cert.get()), nullptr, 0);
323 EXPECT_STREQ("/CN=Android Keystore Key", cert_sub) 324 EXPECT_STREQ("/CN=Android Keystore Key", cert_sub)
324 << "Cert " << i << " has wrong subject. (Possibly b/38394614)"; 325 << "Cert " << i << " has wrong subject. (Possibly b/38394614)";
325 free(cert_sub); 326 OPENSSL_free(cert_sub);
326 } 327 }
327 328
328 free(cert_issuer); 329 OPENSSL_free(cert_issuer);
329 free(signer_subj); 330 OPENSSL_free(signer_subj);
330 331
331 if (dump_Attestations) std::cout << bin2hex(chain[i]) << std::endl; 332 if (dump_Attestations) std::cout << bin2hex(chain[i]) << std::endl;
332 } 333 }
diff --git a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
index 854c7168..450b3eb4 100644
--- a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
@@ -20,6 +20,7 @@
20#include <iostream> 20#include <iostream>
21 21
22#include <openssl/evp.h> 22#include <openssl/evp.h>
23#include <openssl/mem.h>
23#include <openssl/x509.h> 24#include <openssl/x509.h>
24 25
25#include <cutils/properties.h> 26#include <cutils/properties.h>
@@ -208,11 +209,11 @@ bool verify_chain(const hidl_vec<hidl_vec<uint8_t>>& chain) {
208 char* cert_sub = X509_NAME_oneline(X509_get_subject_name(key_cert.get()), nullptr, 0); 209 char* cert_sub = X509_NAME_oneline(X509_get_subject_name(key_cert.get()), nullptr, 0);
209 EXPECT_STREQ("/CN=Android Keystore Key", cert_sub) 210 EXPECT_STREQ("/CN=Android Keystore Key", cert_sub)
210 << "Cert " << i << " has wrong subject."; 211 << "Cert " << i << " has wrong subject.";
211 free(cert_sub); 212 OPENSSL_free(cert_sub);
212 } 213 }
213 214
214 free(cert_issuer); 215 OPENSSL_free(cert_issuer);
215 free(signer_subj); 216 OPENSSL_free(signer_subj);
216 217
217 if (dump_Attestations) std::cout << bin2hex(chain[i]) << std::endl; 218 if (dump_Attestations) std::cout << bin2hex(chain[i]) << std::endl;
218 } 219 }