Merge "Fix leak in ASN1 code for unique ID" am: d15b390bfc am: bf36cd23ae am: 94bfbdb8ad am: 25ddf50eeb am: b43e0627ee

Original change: https://android-review.googlesource.com/c/platform/system/keymaster/+/2597125

Change-Id: I5bef3d5616d97f5a3e303c9179ba7e9d9c3c4f3c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

2 files changed, 2 insertions, 4 deletions

diff --git a/include/keymaster/km_openssl/attestation_record.h b/include/keymaster/km_openssl/attestation_record.h
index 35b9956..c66d44f 100644
--- a/include/keymaster/km_openssl/attestation_record.h
+++ b/include/keymaster/km_openssl/attestation_record.h
@@ -205,7 +205,7 @@ typedef struct km_key_description {
     ASN1_OCTET_STRING* attestation_challenge;
     KM_AUTH_LIST* software_enforced;
     KM_AUTH_LIST* tee_enforced;
-    ASN1_INTEGER* unique_id;
+    ASN1_OCTET_STRING* unique_id;
 } KM_KEY_DESCRIPTION;
 
 ASN1_SEQUENCE(KM_KEY_DESCRIPTION) = {
diff --git a/km_openssl/attestation_record.cpp b/km_openssl/attestation_record.cpp
index 5a85312..726b5ce 100644
--- a/km_openssl/attestation_record.cpp
+++ b/km_openssl/attestation_record.cpp
@@ -1094,9 +1094,7 @@ keymaster_error_t build_attestation_record(const AuthorizationSet& attestation_p
             attestation_params.GetTagValue(TAG_RESET_SINCE_ID_ROTATION), &error);
         if (error != KM_ERROR_OK) return error;
 
-        key_desc->unique_id = ASN1_OCTET_STRING_new();
-        if (!key_desc->unique_id ||
-            !ASN1_OCTET_STRING_set(key_desc->unique_id, unique_id.peek_read(),
+        if (!ASN1_OCTET_STRING_set(key_desc->unique_id, unique_id.peek_read(),
                                    unique_id.available_read()))
             return TranslateLastOpenSslError();
     }