[Skiboot-stable] [PATCH 6.7.x 3/4] secvar/backend: fix a memory leak in get_pkcs7

Daniel Axtens dja at axtens.net
Wed Jul 21 14:00:29 AEST 2021


commit 8dd8b6e4abb4d61cdf98470f3fe5cb750def7a18 upstream.

We need to actually free the pkcs7 structure, not just pass it to
mbedtls_pkcs7_free().

Signed-off-by: Daniel Axtens <dja at axtens.net>
Reviewed-by: Nayna Jain <nayna at linux.ibm.com>
Tested-by: Nayna Jain <nayna at linux.ibm.com>
Signed-off-by: Vasant Hegde <hegdevasant at linux.vnet.ibm.com>
---
 libstb/secvar/backend/edk2-compat-process.c  |   1 +
 libstb/secvar/test/Makefile.check            |   5 +-
 libstb/secvar/test/data/KEKpkcs7corrupt.h    | 161 +++++++++++++++++++
 libstb/secvar/test/secvar-test-edk2-compat.c |  15 ++
 4 files changed, 181 insertions(+), 1 deletion(-)
 create mode 100644 libstb/secvar/test/data/KEKpkcs7corrupt.h

diff --git a/libstb/secvar/backend/edk2-compat-process.c b/libstb/secvar/backend/edk2-compat-process.c
index c5113b72b3f1..3361eb5f8169 100644
--- a/libstb/secvar/backend/edk2-compat-process.c
+++ b/libstb/secvar/backend/edk2-compat-process.c
@@ -461,6 +461,7 @@ static mbedtls_pkcs7* get_pkcs7(const struct efi_variable_authentication_2 *auth
 
 out:
 	mbedtls_pkcs7_free(pkcs7);
+	free(pkcs7);
 	pkcs7 = NULL;
 	return pkcs7;
 }
diff --git a/libstb/secvar/test/Makefile.check b/libstb/secvar/test/Makefile.check
index 6cb1687d3a7e..5aeeb54d6ea8 100644
--- a/libstb/secvar/test/Makefile.check
+++ b/libstb/secvar/test/Makefile.check
@@ -10,6 +10,9 @@ HOSTCFLAGS += -I$(SRC)/$(LIBSTB_DIR)/crypto/mbedtls/include
 # Needed because x86 and POWER disagree on the type for uint64_t, causes printf issues
 HOSTCFLAGS+= -Wno-format
 
+# we want to test for leaks too:
+SECVAR_VALGRIND := $(VALGRIND) --leak-check=full
+
 .PHONY : secvar-check
 secvar-check: $(SECVAR_TEST:%=%-check) $(SECVAR_TEST_NOSTUB:%=%-check)
 
@@ -27,7 +30,7 @@ $(SECVAR_TEST:%=%-gcov-run) : %-run: %
 
 $(SECVAR_TEST:%=%-check) : %-check: %
 	@dd if=/dev/zero of=secboot.img bs=128k count=1 2> /dev/null
-	$(call QTEST, RUN-TEST ,$(VALGRIND) $<, $<)
+	$(call QTEST, RUN-TEST ,$(SECVAR_VALGRIND) $<, $<)
 	@$(RM) -f secboot.img
 
 HOST_MBEDTLS_OBJS=$(MBEDTLS_OBJS:%.o=$(CRYPTO_DIR)/%.host.o)
diff --git a/libstb/secvar/test/data/KEKpkcs7corrupt.h b/libstb/secvar/test/data/KEKpkcs7corrupt.h
new file mode 100644
index 000000000000..4631db47faab
--- /dev/null
+++ b/libstb/secvar/test/data/KEKpkcs7corrupt.h
@@ -0,0 +1,161 @@
+unsigned char KEKpkcs7corrupt_auth[]  = {
+0xe4 ,0x07 ,0x09 ,0x0e ,0x0e ,0x22 ,0x2e ,0x00  ,0x00 ,0x00 ,0x00 ,0x00 ,0x00 ,0x00 ,0x00 ,0x00
+,0xd3 ,0x05 ,0x00 ,0x00 ,0x00 ,0x02 ,0xf1 ,0x0e  ,0x9d ,0xd2 ,0xaf ,0x4a ,0xdf ,0x68 ,0xee ,0x49
+,0x8a ,0xa9 ,0x34 ,0x7d ,0x37 ,0x56 ,0x65 ,0xa7  ,0xff ,0xff ,0x05 ,0xb7 ,0x06 ,0x09 ,0x2a ,0x86
+,0x48 ,0x86 ,0xf7 ,0x0d ,0x01 ,0x07 ,0x02 ,0xa0  ,0x82 ,0x05 ,0xa8 ,0x30 ,0x82 ,0x05 ,0xa4 ,0x02
+,0x01 ,0x01 ,0x31 ,0x0f ,0x30 ,0x0d ,0x06 ,0x09  ,0x60 ,0x86 ,0x48 ,0x01 ,0x65 ,0x03 ,0x04 ,0x02
+,0x01 ,0x05 ,0x00 ,0x30 ,0x0b ,0x06 ,0x09 ,0x2a  ,0x86 ,0x48 ,0x86 ,0xf7 ,0x0d ,0x01 ,0x07 ,0x01
+,0xa0 ,0x82 ,0x03 ,0xca ,0x30 ,0x82 ,0x03 ,0xc6  ,0x30 ,0x82 ,0x02 ,0xae ,0xa0 ,0x03 ,0x02 ,0x01
+,0x02 ,0x02 ,0x09 ,0x00 ,0xda ,0xf3 ,0xf9 ,0x20  ,0x41 ,0x00 ,0xa8 ,0xeb ,0x30 ,0x0d ,0x06 ,0x09
+,0x2a ,0x86 ,0x48 ,0x86 ,0xf7 ,0x0d ,0x01 ,0x01  ,0x0b ,0x05 ,0x00 ,0x30 ,0x78 ,0x31 ,0x0b ,0x30
+,0x09 ,0x06 ,0x03 ,0x55 ,0x04 ,0x06 ,0x13 ,0x02  ,0x55 ,0x53 ,0x31 ,0x0e ,0x30 ,0x0c ,0x06 ,0x03
+,0x55 ,0x04 ,0x08 ,0x0c ,0x05 ,0x54 ,0x65 ,0x78  ,0x61 ,0x73 ,0x31 ,0x0f ,0x30 ,0x0d ,0x06 ,0x03
+,0x55 ,0x04 ,0x07 ,0x0c ,0x06 ,0x41 ,0x75 ,0x73  ,0x74 ,0x69 ,0x6e ,0x31 ,0x0c ,0x30 ,0x0a ,0x06
+,0x03 ,0x55 ,0x04 ,0x0a ,0x0c ,0x03 ,0x49 ,0x42  ,0x4d ,0x31 ,0x0c ,0x30 ,0x0a ,0x06 ,0x03 ,0x55
+,0x04 ,0x0b ,0x0c ,0x03 ,0x4c ,0x54 ,0x43 ,0x31  ,0x0b ,0x30 ,0x09 ,0x06 ,0x03 ,0x55 ,0x04 ,0x03
+,0x0c ,0x02 ,0x50 ,0x4b ,0x31 ,0x1f ,0x30 ,0x1d  ,0x06 ,0x09 ,0x2a ,0x86 ,0x48 ,0x86 ,0xf7 ,0x0d
+,0x01 ,0x09 ,0x01 ,0x16 ,0x10 ,0x6e ,0x61 ,0x79  ,0x6e ,0x6a ,0x61 ,0x69 ,0x6e ,0x40 ,0x69 ,0x62
+,0x6d ,0x2e ,0x63 ,0x6f ,0x6d ,0x30 ,0x1e ,0x17  ,0x0d ,0x32 ,0x30 ,0x30 ,0x39 ,0x31 ,0x34 ,0x31
+,0x35 ,0x35 ,0x30 ,0x32 ,0x30 ,0x5a ,0x17 ,0x0d  ,0x32 ,0x31 ,0x30 ,0x39 ,0x31 ,0x34 ,0x31 ,0x35
+,0x35 ,0x30 ,0x32 ,0x30 ,0x5a ,0x30 ,0x78 ,0x31  ,0x0b ,0x30 ,0x09 ,0x06 ,0x03 ,0x55 ,0x04 ,0x06
+,0x13 ,0x02 ,0x55 ,0x53 ,0x31 ,0x0e ,0x30 ,0x0c  ,0x06 ,0x03 ,0x55 ,0x04 ,0x08 ,0x0c ,0x05 ,0x54
+,0x65 ,0x78 ,0x61 ,0x73 ,0x31 ,0x0f ,0x30 ,0x0d  ,0x06 ,0x03 ,0x55 ,0x04 ,0x07 ,0x0c ,0x06 ,0x41
+,0x75 ,0x73 ,0x74 ,0x69 ,0x6e ,0x31 ,0x0c ,0x30  ,0x0a ,0x06 ,0x03 ,0x55 ,0x04 ,0x0a ,0x0c ,0x03
+,0x49 ,0x42 ,0x4d ,0x31 ,0x0c ,0x30 ,0x0a ,0x06  ,0x03 ,0x55 ,0x04 ,0x0b ,0x0c ,0x03 ,0x4c ,0x54
+,0x43 ,0x31 ,0x0b ,0x30 ,0x09 ,0x06 ,0x03 ,0x55  ,0x04 ,0x03 ,0x0c ,0x02 ,0x50 ,0x4b ,0x31 ,0x1f
+,0x30 ,0x1d ,0x06 ,0x09 ,0x2a ,0x86 ,0x48 ,0x86  ,0xf7 ,0x0d ,0x01 ,0x09 ,0x01 ,0x16 ,0x10 ,0x6e
+,0x61 ,0x79 ,0x6e ,0x6a ,0x61 ,0x69 ,0x6e ,0x40  ,0x69 ,0x62 ,0x6d ,0x2e ,0x63 ,0x6f ,0x6d ,0x30
+,0x82 ,0x01 ,0x22 ,0x30 ,0x0d ,0x06 ,0x09 ,0x2a  ,0x86 ,0x48 ,0x86 ,0xf7 ,0x0d ,0x01 ,0x01 ,0x01
+,0x05 ,0x00 ,0x03 ,0x82 ,0x01 ,0x0f ,0x00 ,0x30  ,0x82 ,0x01 ,0x0a ,0x02 ,0x82 ,0x01 ,0x01 ,0x00
+,0xaf ,0xca ,0xd3 ,0xaa ,0xb0 ,0xc7 ,0xb5 ,0x2e  ,0x3b ,0x12 ,0x27 ,0x68 ,0x2d ,0x90 ,0x17 ,0xc4
+,0x21 ,0x93 ,0x58 ,0x53 ,0xd7 ,0xa6 ,0x2f ,0x40  ,0xfa ,0x37 ,0x8e ,0x7a ,0x85 ,0x5b ,0xd3 ,0xa8
+,0x9d ,0xac ,0xa1 ,0x6a ,0x52 ,0xeb ,0x07 ,0x05  ,0x8c ,0x74 ,0x00 ,0xbe ,0xa6 ,0x54 ,0x1b ,0x1d
+,0x73 ,0xa9 ,0x41 ,0x67 ,0xfd ,0xd4 ,0xdb ,0xcd  ,0x49 ,0xed ,0x63 ,0x29 ,0x97 ,0xb5 ,0x6d ,0xea
+,0x69 ,0xbc ,0x24 ,0x2c ,0x1b ,0x09 ,0x32 ,0x09  ,0x65 ,0x99 ,0xc4 ,0xd0 ,0x76 ,0x9a ,0x07 ,0xd9
+,0x69 ,0x5e ,0x30 ,0xbe ,0x6f ,0x67 ,0x0b ,0xa4  ,0x90 ,0xe0 ,0x3e ,0xd7 ,0xf9 ,0xe8 ,0xb6 ,0x20
+,0xc6 ,0xd8 ,0x4e ,0xfd ,0x7e ,0x3f ,0x6f ,0xf3  ,0x97 ,0x09 ,0x82 ,0xec ,0x81 ,0x53 ,0x10 ,0x32
+,0x8c ,0xa8 ,0xfe ,0xf4 ,0x77 ,0x48 ,0x0d ,0x84  ,0x83 ,0x14 ,0xeb ,0xa4 ,0x75 ,0xaa ,0x30 ,0x03
+,0x3a ,0xa5 ,0x54 ,0x7e ,0xb3 ,0x2e ,0x2b ,0x95  ,0xcf ,0x4d ,0x8c ,0x67 ,0x6d ,0xf1 ,0x48 ,0xc1
+,0x96 ,0x0b ,0xb2 ,0x2d ,0x07 ,0x27 ,0x65 ,0xa3  ,0x3b ,0x96 ,0x76 ,0xc4 ,0xa9 ,0x2c ,0x65 ,0xcb
+,0xa4 ,0xaf ,0x75 ,0xec ,0x7c ,0x90 ,0x3a ,0x8e  ,0x78 ,0xa6 ,0xa5 ,0x4a ,0x99 ,0x79 ,0x51 ,0x20
+,0x60 ,0x67 ,0x9a ,0xc8 ,0x96 ,0x03 ,0xa1 ,0x98  ,0xfc ,0x88 ,0x24 ,0x50 ,0xaf ,0xb7 ,0x30 ,0xb7
+,0x68 ,0x8a ,0x83 ,0xbc ,0x62 ,0xff ,0x93 ,0x70  ,0xc7 ,0x72 ,0xf3 ,0x95 ,0x48 ,0xf1 ,0x9c ,0x5e
+,0x1a ,0x66 ,0x2e ,0xa1 ,0x1d ,0x4a ,0xf7 ,0x9d  ,0x04 ,0x52 ,0xdd ,0x19 ,0xfe ,0x1e ,0x4e ,0x2d
+,0x9b ,0x9e ,0x6f ,0x7f ,0x0b ,0x93 ,0x0b ,0x3b  ,0x08 ,0x81 ,0x68 ,0x9b ,0x0d ,0x45 ,0xf7 ,0xd6
+,0x75 ,0xf7 ,0xb6 ,0xbf ,0xa9 ,0x63 ,0x24 ,0xab  ,0x92 ,0x38 ,0x3a ,0xac ,0x04 ,0x69 ,0x14 ,0x7f
+,0x02 ,0x03 ,0x01 ,0x00 ,0x01 ,0xa3 ,0x53 ,0x30  ,0x51 ,0x30 ,0x1d ,0x06 ,0x03 ,0x55 ,0x1d ,0x0e
+,0x04 ,0x16 ,0x04 ,0x14 ,0x89 ,0x84 ,0xb5 ,0xcf  ,0x3e ,0x9d ,0xde ,0xca ,0x8c ,0xc8 ,0x2d ,0xfe
+,0x7e ,0xee ,0x66 ,0x79 ,0xeb ,0x21 ,0xfc ,0xe5  ,0x30 ,0x1f ,0x06 ,0x03 ,0x55 ,0x1d ,0x23 ,0x04
+,0x18 ,0x30 ,0x16 ,0x80 ,0x14 ,0x89 ,0x84 ,0xb5  ,0xcf ,0x3e ,0x9d ,0xde ,0xca ,0x8c ,0xc8 ,0x2d
+,0xfe ,0x7e ,0xee ,0x66 ,0x79 ,0xeb ,0x21 ,0xfc  ,0xe5 ,0x30 ,0x0f ,0x06 ,0x03 ,0x55 ,0x1d ,0x13
+,0x01 ,0x01 ,0xff ,0x04 ,0x05 ,0x30 ,0x03 ,0x01  ,0x01 ,0xff ,0x30 ,0x0d ,0x06 ,0x09 ,0x2a ,0x86
+,0x48 ,0x86 ,0xf7 ,0x0d ,0x01 ,0x01 ,0x0b ,0x05  ,0x00 ,0x03 ,0x82 ,0x01 ,0x01 ,0x00 ,0x37 ,0xba
+,0x93 ,0xe4 ,0x7e ,0xcd ,0xb2 ,0xa4 ,0xe2 ,0x75  ,0x37 ,0x53 ,0xbc ,0x43 ,0x47 ,0xc9 ,0x94 ,0x51
+,0xa9 ,0x14 ,0x28 ,0x0a ,0xa6 ,0xa1 ,0x90 ,0x0a  ,0xbc ,0x50 ,0x67 ,0x85 ,0x47 ,0xb7 ,0xfc ,0xe3
+,0xd5 ,0x45 ,0xde ,0x89 ,0x99 ,0x46 ,0xba ,0xff  ,0x32 ,0x45 ,0x70 ,0x22 ,0x84 ,0x9e ,0x35 ,0x9c
+,0x0a ,0xea ,0x63 ,0xf5 ,0xc7 ,0x7c ,0xe0 ,0xc1  ,0x9f ,0xb1 ,0xb6 ,0xe0 ,0xc1 ,0x1c ,0xb1 ,0xba
+,0xeb ,0x6d ,0x53 ,0xde ,0xb2 ,0xf9 ,0xf8 ,0x4a  ,0x2c ,0x48 ,0xf4 ,0x12 ,0xcb ,0x26 ,0x3c ,0xe9
+,0x1c ,0xb1 ,0xd3 ,0x36 ,0x48 ,0xa4 ,0xec ,0x24  ,0x35 ,0xf3 ,0x47 ,0xa9 ,0xf7 ,0xe1 ,0xfb ,0x38
+,0xf0 ,0x23 ,0x46 ,0x02 ,0xf5 ,0x76 ,0xd1 ,0x39  ,0xf9 ,0x58 ,0x50 ,0x5c ,0xe9 ,0x39 ,0xa8 ,0x97
+,0x41 ,0x66 ,0xa0 ,0x8a ,0xb2 ,0xd9 ,0x83 ,0x2d  ,0xed ,0xb0 ,0x49 ,0x2b ,0x6a ,0xc4 ,0xd8 ,0x37
+,0xc0 ,0x6f ,0x51 ,0xab ,0x46 ,0x26 ,0x0f ,0x90  ,0x2b ,0x63 ,0xc2 ,0x87 ,0x75 ,0xaa ,0x47 ,0xbc
+,0xbe ,0x9d ,0x54 ,0x17 ,0x54 ,0xa0 ,0x7c ,0x1b  ,0x58 ,0x82 ,0x3f ,0x44 ,0x0b ,0xc1 ,0xa6 ,0xcc
+,0xe2 ,0x53 ,0xde ,0x6e ,0xf7 ,0x52 ,0x0d ,0x83  ,0xb7 ,0x03 ,0xfd ,0xed ,0x4c ,0xc3 ,0x76 ,0xe6
+,0x14 ,0xb9 ,0xc9 ,0x45 ,0xc0 ,0x40 ,0x45 ,0x4a  ,0x70 ,0x40 ,0xe6 ,0x1a ,0x10 ,0x76 ,0x0c ,0xab
+,0x2b ,0x9e ,0xe9 ,0xfd ,0x29 ,0xcb ,0xf8 ,0xce  ,0x11 ,0xf7 ,0x27 ,0x43 ,0xbb ,0xcd ,0xba ,0x22
+,0x5b ,0x61 ,0x5f ,0x63 ,0x16 ,0xb3 ,0x2b ,0x83  ,0x75 ,0x98 ,0x2e ,0xca ,0x0a ,0x9e ,0x8c ,0x5a
+,0xd5 ,0x77 ,0xb5 ,0xa2 ,0x74 ,0xeb ,0x94 ,0x4f  ,0x8f ,0xf6 ,0xc3 ,0x30 ,0x9c ,0xf4 ,0x6e ,0x9b
+,0x5d ,0xd7 ,0x0f ,0x43 ,0x16 ,0xba ,0x5e ,0xa3  ,0xe3 ,0x8b ,0x8f ,0x74 ,0x27 ,0xaf ,0x31 ,0x82
+,0x01 ,0xb1 ,0x30 ,0x82 ,0x01 ,0xad ,0x02 ,0x01  ,0x01 ,0x30 ,0x81 ,0x85 ,0x30 ,0x78 ,0x31 ,0x0b
+,0x30 ,0x09 ,0x06 ,0x03 ,0x55 ,0x04 ,0x06 ,0x13  ,0x02 ,0x55 ,0x53 ,0x31 ,0x0e ,0x30 ,0x0c ,0x06
+,0x03 ,0x55 ,0x04 ,0x08 ,0x0c ,0x05 ,0x54 ,0x65  ,0x78 ,0x61 ,0x73 ,0x31 ,0x0f ,0x30 ,0x0d ,0x06
+,0x03 ,0x55 ,0x04 ,0x07 ,0x0c ,0x06 ,0x41 ,0x75  ,0x73 ,0x74 ,0x69 ,0x6e ,0x31 ,0x0c ,0x30 ,0x0a
+,0x06 ,0x03 ,0x55 ,0x04 ,0x0a ,0x0c ,0x03 ,0x49  ,0x42 ,0x4d ,0x31 ,0x0c ,0x30 ,0x0a ,0x06 ,0x03
+,0x55 ,0x04 ,0x0b ,0x0c ,0x03 ,0x4c ,0x54 ,0x43  ,0x31 ,0x0b ,0x30 ,0x09 ,0x06 ,0x03 ,0x55 ,0x04
+,0x03 ,0x0c ,0x02 ,0x50 ,0x4b ,0x31 ,0x1f ,0x30  ,0x1d ,0x06 ,0x09 ,0x2a ,0x86 ,0x48 ,0x86 ,0xf7
+,0x0d ,0x01 ,0x09 ,0x01 ,0x16 ,0x10 ,0x6e ,0x61  ,0x79 ,0x6e ,0x6a ,0x61 ,0x69 ,0x6e ,0x40 ,0x69
+,0x62 ,0x6d ,0x2e ,0x63 ,0x6f ,0x6d ,0x02 ,0x09  ,0x00 ,0xda ,0xf3 ,0xf9 ,0x20 ,0x41 ,0x00 ,0xa8
+,0xeb ,0x30 ,0x0d ,0x06 ,0x09 ,0x60 ,0x86 ,0x48  ,0x01 ,0x65 ,0x03 ,0x04 ,0x02 ,0x01 ,0x05 ,0x00
+,0x30 ,0x0d ,0x06 ,0x09 ,0x2a ,0x86 ,0x48 ,0x86  ,0xf7 ,0x0d ,0x01 ,0x01 ,0x01 ,0x05 ,0x00 ,0x04
+,0x82 ,0x01 ,0x00 ,0x9a ,0x63 ,0x09 ,0xe0 ,0x7f  ,0xb8 ,0x20 ,0xd5 ,0x19 ,0x63 ,0x05 ,0x37 ,0x22
+,0x8d ,0xe4 ,0x03 ,0x0e ,0xd1 ,0x62 ,0x05 ,0x90  ,0xb4 ,0x49 ,0x9b ,0x03 ,0x1c ,0x4b ,0xd8 ,0x0f
+,0x0f ,0xf5 ,0x43 ,0x17 ,0xe9 ,0xf6 ,0xb4 ,0x5f  ,0x41 ,0x0f ,0xc1 ,0x7e ,0x92 ,0x5d ,0x39 ,0x53
+,0xd7 ,0x5c ,0x7a ,0x0b ,0x00 ,0x71 ,0x62 ,0x29  ,0x7c ,0xb2 ,0xf7 ,0x85 ,0xc6 ,0x77 ,0x34 ,0x9c
+,0x6c ,0xdc ,0x08 ,0x8d ,0x11 ,0x93 ,0x5c ,0x8c  ,0x0d ,0x76 ,0xc0 ,0x27 ,0xc2 ,0x1f ,0x15 ,0x32
+,0x72 ,0xdc ,0xff ,0xfc ,0xf1 ,0x56 ,0xbd ,0x82  ,0xe4 ,0xe4 ,0xc0 ,0xbd ,0x76 ,0xaa ,0x99 ,0x16
+,0x89 ,0x26 ,0x43 ,0x2c ,0xef ,0xa8 ,0xd4 ,0x2e  ,0x01 ,0x77 ,0x13 ,0x32 ,0xbe ,0xdc ,0xea ,0xaf
+,0xc0 ,0x18 ,0x4d ,0x90 ,0xb5 ,0x8d ,0x07 ,0xd7  ,0x86 ,0x21 ,0x71 ,0x3f ,0xf7 ,0x18 ,0xa9 ,0x41
+,0x3b ,0x97 ,0xf9 ,0x4f ,0xe8 ,0x3a ,0x91 ,0x8b  ,0xe8 ,0xf1 ,0xae ,0x99 ,0x63 ,0x5d ,0xc1 ,0x63
+,0xc2 ,0x74 ,0xdf ,0xeb ,0x3e ,0x10 ,0xa5 ,0x34  ,0x24 ,0x95 ,0x1d ,0xba ,0xd2 ,0xa0 ,0xae ,0x78
+,0x94 ,0x0b ,0xfd ,0x75 ,0x4b ,0x55 ,0x4c ,0x1d  ,0x75 ,0x91 ,0xc9 ,0xd0 ,0x1c ,0x48 ,0x01 ,0x84
+,0x35 ,0xbd ,0xcd ,0xbf ,0xbc ,0x5b ,0xd0 ,0x83  ,0xf4 ,0x0d ,0x19 ,0x4f ,0x9c ,0xa7 ,0xfe ,0x60
+,0x24 ,0x9b ,0x06 ,0x9d ,0x7e ,0xe5 ,0x3b ,0x69  ,0x7f ,0x6a ,0x09 ,0x73 ,0xb9 ,0x7d ,0x23 ,0x70
+,0x6e ,0x70 ,0x5e ,0x20 ,0x67 ,0xda ,0x65 ,0xfe  ,0x27 ,0x07 ,0x27 ,0xee ,0x38 ,0x22 ,0xd1 ,0x12
+,0x94 ,0xf6 ,0x8c ,0x14 ,0x95 ,0xd7 ,0x8e ,0xc6  ,0x43 ,0x71 ,0xc1 ,0xcf ,0x96 ,0xcb ,0x7b ,0xa7
+,0x98 ,0x7b ,0x83 ,0x65 ,0x2c ,0xd9 ,0x9f ,0xb3  ,0xff ,0x05 ,0xa3 ,0x70 ,0xc0 ,0x52 ,0x8c ,0xf3
+,0x2c ,0x2e ,0x3d ,0xa1 ,0x59 ,0xc0 ,0xa5 ,0xe4  ,0x94 ,0xa7 ,0x4a ,0x87 ,0xb5 ,0xab ,0x15 ,0x5c
+,0x2b ,0xf0 ,0x72 ,0xf8 ,0x03 ,0x00 ,0x00 ,0x00  ,0x00 ,0x00 ,0x00 ,0xdc ,0x03 ,0x00 ,0x00 ,0x00
+,0x00 ,0x00 ,0x00 ,0x00 ,0x00 ,0x00 ,0x00 ,0x00  ,0x00 ,0x00 ,0x00 ,0x00 ,0x00 ,0x00 ,0x00 ,0x30
+,0x82 ,0x03 ,0xc8 ,0x30 ,0x82 ,0x02 ,0xb0 ,0xa0  ,0x03 ,0x02 ,0x01 ,0x02 ,0x02 ,0x09 ,0x00 ,0xb0
+,0x40 ,0xaf ,0x25 ,0xfd ,0xbc ,0xd9 ,0xb1 ,0x30  ,0x0d ,0x06 ,0x09 ,0x2a ,0x86 ,0x48 ,0x86 ,0xf7
+,0x0d ,0x01 ,0x01 ,0x0b ,0x05 ,0x00 ,0x30 ,0x79  ,0x31 ,0x0b ,0x30 ,0x09 ,0x06 ,0x03 ,0x55 ,0x04
+,0x06 ,0x13 ,0x02 ,0x55 ,0x53 ,0x31 ,0x0e ,0x30  ,0x0c ,0x06 ,0x03 ,0x55 ,0x04 ,0x08 ,0x0c ,0x05
+,0x54 ,0x65 ,0x78 ,0x61 ,0x73 ,0x31 ,0x0f ,0x30  ,0x0d ,0x06 ,0x03 ,0x55 ,0x04 ,0x07 ,0x0c ,0x06
+,0x41 ,0x75 ,0x73 ,0x74 ,0x69 ,0x6e ,0x31 ,0x0c  ,0x30 ,0x0a ,0x06 ,0x03 ,0x55 ,0x04 ,0x0a ,0x0c
+,0x03 ,0x49 ,0x42 ,0x4d ,0x31 ,0x0c ,0x30 ,0x0a  ,0x06 ,0x03 ,0x55 ,0x04 ,0x0b ,0x0c ,0x03 ,0x4c
+,0x54 ,0x43 ,0x31 ,0x0c ,0x30 ,0x0a ,0x06 ,0x03  ,0x55 ,0x04 ,0x03 ,0x0c ,0x03 ,0x4b ,0x45 ,0x4b
+,0x31 ,0x1f ,0x30 ,0x1d ,0x06 ,0x09 ,0x2a ,0x86  ,0x48 ,0x86 ,0xf7 ,0x0d ,0x01 ,0x09 ,0x01 ,0x16
+,0x10 ,0x6e ,0x61 ,0x79 ,0x6e ,0x6a ,0x61 ,0x69  ,0x6e ,0x40 ,0x69 ,0x62 ,0x6d ,0x2e ,0x63 ,0x6f
+,0x6d ,0x30 ,0x1e ,0x17 ,0x0d ,0x32 ,0x30 ,0x30  ,0x39 ,0x31 ,0x34 ,0x31 ,0x35 ,0x35 ,0x30 ,0x35
+,0x35 ,0x5a ,0x17 ,0x0d ,0x32 ,0x31 ,0x30 ,0x39  ,0x31 ,0x34 ,0x31 ,0x35 ,0x35 ,0x30 ,0x35 ,0x35
+,0x5a ,0x30 ,0x79 ,0x31 ,0x0b ,0x30 ,0x09 ,0x06  ,0x03 ,0x55 ,0x04 ,0x06 ,0x13 ,0x02 ,0x55 ,0x53
+,0x31 ,0x0e ,0x30 ,0x0c ,0x06 ,0x03 ,0x55 ,0x04  ,0x08 ,0x0c ,0x05 ,0x54 ,0x65 ,0x78 ,0x61 ,0x73
+,0x31 ,0x0f ,0x30 ,0x0d ,0x06 ,0x03 ,0x55 ,0x04  ,0x07 ,0x0c ,0x06 ,0x41 ,0x75 ,0x73 ,0x74 ,0x69
+,0x6e ,0x31 ,0x0c ,0x30 ,0x0a ,0x06 ,0x03 ,0x55  ,0x04 ,0x0a ,0x0c ,0x03 ,0x49 ,0x42 ,0x4d ,0x31
+,0x0c ,0x30 ,0x0a ,0x06 ,0x03 ,0x55 ,0x04 ,0x0b  ,0x0c ,0x03 ,0x4c ,0x54 ,0x43 ,0x31 ,0x0c ,0x30
+,0x0a ,0x06 ,0x03 ,0x55 ,0x04 ,0x03 ,0x0c ,0x03  ,0x4b ,0x45 ,0x4b ,0x31 ,0x1f ,0x30 ,0x1d ,0x06
+,0x09 ,0x2a ,0x86 ,0x48 ,0x86 ,0xf7 ,0x0d ,0x01  ,0x09 ,0x01 ,0x16 ,0x10 ,0x6e ,0x61 ,0x79 ,0x6e
+,0x6a ,0x61 ,0x69 ,0x6e ,0x40 ,0x69 ,0x62 ,0x6d  ,0x2e ,0x63 ,0x6f ,0x6d ,0x30 ,0x82 ,0x01 ,0x22
+,0x30 ,0x0d ,0x06 ,0x09 ,0x2a ,0x86 ,0x48 ,0x86  ,0xf7 ,0x0d ,0x01 ,0x01 ,0x01 ,0x05 ,0x00 ,0x03
+,0x82 ,0x01 ,0x0f ,0x00 ,0x30 ,0x82 ,0x01 ,0x0a  ,0x02 ,0x82 ,0x01 ,0x01 ,0x00 ,0xc1 ,0xeb ,0xb8
+,0xf7 ,0x3f ,0x53 ,0xb6 ,0xa1 ,0x8a ,0x3f ,0xca  ,0x99 ,0x56 ,0xbc ,0x3b ,0xdf ,0xbf ,0x70 ,0x0a
+,0x78 ,0x5b ,0x06 ,0xc1 ,0xeb ,0xbe ,0x4e ,0xd7  ,0xd9 ,0xe9 ,0x57 ,0x1f ,0xc4 ,0xf4 ,0xe5 ,0x78
+,0xb6 ,0x14 ,0xda ,0x87 ,0x43 ,0x31 ,0xad ,0x6d  ,0x9f ,0xae ,0x6c ,0x44 ,0xe3 ,0x12 ,0xe4 ,0xf1
+,0xa4 ,0x81 ,0xf8 ,0x7d ,0x09 ,0x0e ,0xa6 ,0x6a  ,0xe1 ,0xf7 ,0xcb ,0xe9 ,0x63 ,0xd6 ,0xd6 ,0x58
+,0x28 ,0x10 ,0xf2 ,0xb9 ,0xcf ,0xd7 ,0x85 ,0x95  ,0x0b ,0x24 ,0x51 ,0xe8 ,0x5a ,0x08 ,0x74 ,0xbc
+,0x42 ,0x9b ,0xd6 ,0x84 ,0xcd ,0x5e ,0xe5 ,0x61  ,0x83 ,0x7c ,0x5f ,0x0e ,0x3a ,0x9d ,0x3d ,0x6d
+,0x84 ,0xe2 ,0xc0 ,0x26 ,0x64 ,0x35 ,0x80 ,0x6c  ,0xb1 ,0x37 ,0x72 ,0x38 ,0x00 ,0xa0 ,0x90 ,0x51
+,0xd3 ,0x64 ,0x01 ,0x62 ,0x70 ,0xf8 ,0xa4 ,0xe4  ,0xc8 ,0x87 ,0x4c ,0xe1 ,0x76 ,0xd7 ,0xe6 ,0xbf
+,0xed ,0x08 ,0xba ,0xde ,0x42 ,0x90 ,0x00 ,0xb7  ,0x19 ,0x81 ,0x91 ,0xd0 ,0x18 ,0xcb ,0x03 ,0xe6
+,0xf5 ,0xf9 ,0x31 ,0x2b ,0x56 ,0xc3 ,0x21 ,0x39  ,0x4d ,0x9a ,0x63 ,0x0a ,0xb7 ,0x1c ,0xa9 ,0xdc
+,0xce ,0xa9 ,0xc4 ,0xe0 ,0x0a ,0xa4 ,0x53 ,0x8f  ,0x78 ,0xd1 ,0xc0 ,0x3f ,0xc2 ,0x8e ,0x8a ,0x37
+,0x52 ,0x42 ,0x60 ,0x97 ,0xb3 ,0x53 ,0xaa ,0xa4  ,0x4f ,0x98 ,0x7e ,0xa5 ,0x2a ,0xe1 ,0x52 ,0xfa
+,0x9f ,0xc1 ,0x32 ,0xf7 ,0x15 ,0x12 ,0x62 ,0x6b  ,0x5a ,0x4d ,0xfe ,0x22 ,0x8d ,0x88 ,0x87 ,0xfd
+,0x83 ,0x2f ,0xaa ,0x1a ,0xb8 ,0xad ,0x3d ,0x4f  ,0xdc ,0xe0 ,0x39 ,0x8b ,0x88 ,0xed ,0xc6 ,0xf5
+,0xee ,0x32 ,0xea ,0xd6 ,0x25 ,0xcf ,0x91 ,0x66  ,0x77 ,0x4c ,0xa1 ,0x0c ,0x6a ,0x7b ,0x6e ,0xb2
+,0x72 ,0xa8 ,0xf4 ,0xc7 ,0xeb ,0xa4 ,0x91 ,0xda  ,0x5d ,0x14 ,0xf9 ,0x9e ,0xe9 ,0x02 ,0x03 ,0x01
+,0x00 ,0x01 ,0xa3 ,0x53 ,0x30 ,0x51 ,0x30 ,0x1d  ,0x06 ,0x03 ,0x55 ,0x1d ,0x0e ,0x04 ,0x16 ,0x04
+,0x14 ,0x78 ,0x48 ,0xa9 ,0x71 ,0x20 ,0x25 ,0xcf  ,0x26 ,0xe8 ,0x18 ,0x91 ,0x75 ,0xd6 ,0xad ,0xb1
+,0x5f ,0x7f ,0x6b ,0x7f ,0x6d ,0x30 ,0x1f ,0x06  ,0x03 ,0x55 ,0x1d ,0x23 ,0x04 ,0x18 ,0x30 ,0x16
+,0x80 ,0x14 ,0x78 ,0x48 ,0xa9 ,0x71 ,0x20 ,0x25  ,0xcf ,0x26 ,0xe8 ,0x18 ,0x91 ,0x75 ,0xd6 ,0xad
+,0xb1 ,0x5f ,0x7f ,0x6b ,0x7f ,0x6d ,0x30 ,0x0f  ,0x06 ,0x03 ,0x55 ,0x1d ,0x13 ,0x01 ,0x01 ,0xff
+,0x04 ,0x05 ,0x30 ,0x03 ,0x01 ,0x01 ,0xff ,0x30  ,0x0d ,0x06 ,0x09 ,0x2a ,0x86 ,0x48 ,0x86 ,0xf7
+,0x0d ,0x01 ,0x01 ,0x0b ,0x05 ,0x00 ,0x03 ,0x82  ,0x01 ,0x01 ,0x00 ,0x7a ,0xc8 ,0xc9 ,0x0e ,0x45
+,0x1c ,0xa6 ,0xce ,0xd5 ,0xdb ,0x9c ,0x5d ,0x95  ,0x8b ,0x8b ,0xbc ,0x90 ,0xca ,0x98 ,0xd1 ,0xe9
+,0x4b ,0xfb ,0xf3 ,0xef ,0x48 ,0xb0 ,0x9e ,0x0d  ,0x95 ,0x0f ,0x3a ,0xa0 ,0xb6 ,0x93 ,0x9f ,0xc6
+,0xf7 ,0xca ,0xca ,0xf1 ,0x04 ,0x90 ,0x4d ,0x6b  ,0x57 ,0xc1 ,0xe5 ,0x85 ,0xfd ,0x87 ,0x09 ,0xe5
+,0xaf ,0x98 ,0x89 ,0x32 ,0x27 ,0x35 ,0x85 ,0xcf  ,0xe1 ,0x1f ,0xaf ,0xc0 ,0x8c ,0x3f ,0x2a ,0xba
+,0xa4 ,0xfc ,0xaa ,0x40 ,0x02 ,0x7c ,0x57 ,0xd9  ,0x73 ,0xc6 ,0xc0 ,0x59 ,0xcb ,0x47 ,0x71 ,0x07
+,0x1a ,0xfe ,0x46 ,0xb1 ,0x81 ,0x14 ,0x6b ,0xa5  ,0xeb ,0xe7 ,0x9c ,0x2b ,0x87 ,0xee ,0x72 ,0x96
+,0xe0 ,0xb0 ,0x11 ,0x86 ,0x33 ,0x95 ,0xdf ,0x6e  ,0x9c ,0x3f ,0x0f ,0xc1 ,0x46 ,0x8c ,0x53 ,0x12
+,0xf1 ,0xd9 ,0xa8 ,0xee ,0x04 ,0xc5 ,0x71 ,0x52  ,0x22 ,0x13 ,0x0f ,0x91 ,0x0c ,0x73 ,0xca ,0x34
+,0xb1 ,0x36 ,0x5f ,0x8c ,0x2e ,0x0f ,0x3a ,0x04  ,0x42 ,0xfe ,0x45 ,0x82 ,0x29 ,0x56 ,0x5e ,0xe5
+,0x4c ,0xeb ,0x4b ,0xa6 ,0xe5 ,0xe0 ,0x1d ,0x74  ,0xc0 ,0x5a ,0x2f ,0x42 ,0xa5 ,0xf2 ,0x65 ,0xd5
+,0x4d ,0x3b ,0x22 ,0xd2 ,0x96 ,0x42 ,0xcf ,0xbd  ,0xd7 ,0x8b ,0x37 ,0x7a ,0xb6 ,0xd9 ,0xd4 ,0xd7
+,0x45 ,0x47 ,0x3b ,0x3c ,0xb3 ,0xd9 ,0x29 ,0x69  ,0x91 ,0x7d ,0x4c ,0x06 ,0xad ,0x6c ,0xea ,0x62
+,0xf1 ,0xf7 ,0xec ,0x67 ,0xae ,0xd5 ,0x43 ,0xd0  ,0xab ,0xb8 ,0xbf ,0xa4 ,0x28 ,0xd4 ,0x75 ,0xd2
+,0x3f ,0x53 ,0x5d ,0xa8 ,0x09 ,0x46 ,0x89 ,0x7f  ,0x84 ,0x36 ,0xad ,0x78 ,0x41 ,0x03 ,0xf4 ,0xc4
+,0x43 ,0x43 ,0xdc ,0x52 ,0xc6 ,0xff ,0xab ,0xd6  ,0x8c ,0x7f ,0xc0 ,0xab ,0x67 ,0x5b ,0x0b ,0xa9
+,0x6a ,0xd2 ,0x85 ,0x71 ,0x9f ,0xc2 ,0xf1 ,0x96  ,0xd2 ,0x41 ,0xb0 };
+
+unsigned int KEKpkcs7corrupt_auth_len = 2523;
diff --git a/libstb/secvar/test/secvar-test-edk2-compat.c b/libstb/secvar/test/secvar-test-edk2-compat.c
index 4952a4b3d555..d715b17ec817 100644
--- a/libstb/secvar/test/secvar-test-edk2-compat.c
+++ b/libstb/secvar/test/secvar-test-edk2-compat.c
@@ -14,6 +14,7 @@
 #include "./data/malformedkek.h"
 #include "./data/trimmedKEK.h"
 #include "./data/KEKeslcorrupt.h"
+#include "./data/KEKpkcs7corrupt.h"
 #include "./data/db.h"
 #include "./data/dbsigneddata.h"
 #include "./data/OldTSKEK.h"
@@ -289,6 +290,20 @@ int run_test()
 	ASSERT(NULL != tmp);
 	ASSERT(0 == tmp->data_size);
 
+	/* KEK with corrupted pkcs7, used to leak memory */
+	printf("KEK with corrupt PKCS#7 message\n");
+	tmp = new_secvar("KEK", 4, KEKpkcs7corrupt_auth, KEKpkcs7corrupt_auth_len, 0);
+	ASSERT(0 == edk2_compat_validate(tmp));
+	list_add_tail(&update_bank, &tmp->link);
+	ASSERT(1 == list_length(&update_bank));
+
+	rc = edk2_compat_process(&variable_bank, &update_bank);
+	ASSERT(OPAL_PARAMETER == rc);
+	ASSERT(5 == list_length(&variable_bank));
+	ASSERT(0 == list_length(&update_bank));
+	tmp = find_secvar("KEK", 4, &variable_bank);
+	ASSERT(NULL != tmp);
+	ASSERT(0 == tmp->data_size);
 
 	/* Add valid KEK, .process(), succeeds. */
 	printf("Add KEK");
-- 
2.30.2



More information about the Skiboot-stable mailing list