Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d9ad02e3 authored by Kihyung Lee's avatar Kihyung Lee
Browse files

Fix memory leak when GateKeeperProxy.verify() returns 

After verify() calls verifyChallenge(), the caller acquires the ownership of
returned memory block pointed by *auth_token.
However, the current implementation directly returns and lost the reference
of auth_token without freeing it from heap memory.

This patch solves this problem by explicitly deleting the auth_token array.

Change-Id: I6cfe8427174aa36fbb208e2fff8904095f468ec6
parent 60e9dad7

gatekeeperd/gatekeeperd.cpp

+4 −2
Original line number Diff line number Diff line
@@ -234,11 +234,13 @@ public: 
    virtual int verify(uint32_t uid,

            const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length,

            const uint8_t *provided_password, uint32_t provided_password_length, bool *request_reenroll) {

        uint8_t *auth_token;

        uint8_t *auth_token = nullptr;

        uint32_t auth_token_length;

        return verifyChallenge(uid, 0, enrolled_password_handle, enrolled_password_handle_length,

        int ret = verifyChallenge(uid, 0, enrolled_password_handle, enrolled_password_handle_length,

                provided_password, provided_password_length,

                &auth_token, &auth_token_length, request_reenroll);

        delete [] auth_token;

        return ret;

    }



    virtual int verifyChallenge(uint32_t uid, uint64_t challenge,