diff options
author | David Drysdale <drysdale@google.com> | 2023-05-19 18:20:04 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2023-05-19 18:20:04 +0000 |
commit | 76433b71404f9a0cc31b2d52562f827c3a460a64 (patch) | |
tree | d87b5aa6885830274bfbcd56527720e9a5a12499 | |
parent | e25a0449e9fbe04bf9bbc4b3e25c830a79815348 (diff) | |
parent | b43e0627ee7f2656b88c206b6a383784a0744e0b (diff) | |
download | keymaster-76433b71404f9a0cc31b2d52562f827c3a460a64.tar.gz |
Merge "Fix leak in ASN1 code for unique ID" am: d15b390bfc am: bf36cd23ae am: 94bfbdb8ad am: 25ddf50eeb am: b43e0627ee
Original change: https://android-review.googlesource.com/c/platform/system/keymaster/+/2597125
Change-Id: I5bef3d5616d97f5a3e303c9179ba7e9d9c3c4f3c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
-rw-r--r-- | include/keymaster/km_openssl/attestation_record.h | 2 | ||||
-rw-r--r-- | km_openssl/attestation_record.cpp | 4 |
2 files changed, 2 insertions, 4 deletions
diff --git a/include/keymaster/km_openssl/attestation_record.h b/include/keymaster/km_openssl/attestation_record.h index 35b9956..c66d44f 100644 --- a/include/keymaster/km_openssl/attestation_record.h +++ b/include/keymaster/km_openssl/attestation_record.h @@ -205,7 +205,7 @@ typedef struct km_key_description { ASN1_OCTET_STRING* attestation_challenge; KM_AUTH_LIST* software_enforced; KM_AUTH_LIST* tee_enforced; - ASN1_INTEGER* unique_id; + ASN1_OCTET_STRING* unique_id; } KM_KEY_DESCRIPTION; ASN1_SEQUENCE(KM_KEY_DESCRIPTION) = { diff --git a/km_openssl/attestation_record.cpp b/km_openssl/attestation_record.cpp index 5a85312..726b5ce 100644 --- a/km_openssl/attestation_record.cpp +++ b/km_openssl/attestation_record.cpp @@ -1094,9 +1094,7 @@ keymaster_error_t build_attestation_record(const AuthorizationSet& attestation_p attestation_params.GetTagValue(TAG_RESET_SINCE_ID_ROTATION), &error); if (error != KM_ERROR_OK) return error; - key_desc->unique_id = ASN1_OCTET_STRING_new(); - if (!key_desc->unique_id || - !ASN1_OCTET_STRING_set(key_desc->unique_id, unique_id.peek_read(), + if (!ASN1_OCTET_STRING_set(key_desc->unique_id, unique_id.peek_read(), unique_id.available_read())) return TranslateLastOpenSslError(); } |