summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2019-09-15 12:39:15 +0200
committerChristian Grothoff <christian@grothoff.org>2019-09-15 12:39:15 +0200
commitebd2e7d763689430d37386903ac190da4943ce2c (patch)
tree52e62b3005e39923590b300dfa04a37fb88354a0
parenta3d272eb9d1fdb130e98fc9d67198106a2aef53d (diff)
downloadexchange-ebd2e7d763689430d37386903ac190da4943ce2c.tar.gz
exchange-ebd2e7d763689430d37386903ac190da4943ce2c.tar.bz2
exchange-ebd2e7d763689430d37386903ac190da4943ce2c.zip
fix leaks and unnecessary fetch of RSA signature on refresh/reveal
-rw-r--r--src/exchange/taler-exchange-httpd_refresh_reveal.c20
-rw-r--r--src/exchangedb/plugin_exchangedb_postgres.c9
-rw-r--r--src/exchangedb/test_exchangedb.c9
-rw-r--r--src/include/taler_exchangedb_plugin.h4
-rw-r--r--src/lib/exchange_api_handle.c11
5 files changed, 20 insertions, 33 deletions
diff --git a/src/exchange/taler-exchange-httpd_refresh_reveal.c b/src/exchange/taler-exchange-httpd_refresh_reveal.c
index a84e5dea7..8746ba5d0 100644
--- a/src/exchange/taler-exchange-httpd_refresh_reveal.c
+++ b/src/exchange/taler-exchange-httpd_refresh_reveal.c
@@ -273,20 +273,6 @@ refresh_reveal_preflight (void *cls,
/**
- * Helper function for #refresh_reveal_transaction() to free internal
- * state of @a refresh_melt (but not the pointer itself!).
- *
- * @param refresh_melt memory to clean up
- */
-static void
-free_refresh_melt (struct TALER_EXCHANGEDB_RefreshMelt *refresh_melt)
-{
- GNUNET_CRYPTO_rsa_signature_free (
- refresh_melt->session.coin.denom_sig.rsa_signature);
-}
-
-
-/**
* Execute a "/refresh/reveal". The client is revealing to us the
* transfer keys for @a #TALER_CNC_KAPPA-1 sets of coins. Verify that the
* revealed transfer keys would allow linkage to the blinded coins.
@@ -335,8 +321,6 @@ refresh_reveal_transaction (void *cls,
GNUNET_break (0);
*mhd_ret = TEH_RESPONSE_reply_internal_db_error (connection,
TALER_EC_REFRESH_REVEAL_DB_FETCH_SESSION_ERROR);
- if (refresh_melt.session.noreveal_index >= TALER_CNC_KAPPA)
- free_refresh_melt (&refresh_melt);
return GNUNET_DB_STATUS_HARD_ERROR;
}
@@ -424,7 +408,6 @@ refresh_reveal_transaction (void *cls,
GNUNET_break_op (0);
*mhd_ret = reply_refresh_reveal_missmatch (connection,
&rc_expected);
- free_refresh_melt (&refresh_melt);
return GNUNET_DB_STATUS_HARD_ERROR;
}
} /* end of checking "rc_expected" */
@@ -457,7 +440,6 @@ refresh_reveal_transaction (void *cls,
*mhd_ret = TEH_RESPONSE_reply_internal_error (connection,
TALER_EC_REFRESH_REVEAL_COST_CALCULATION_OVERFLOW,
"failed to add up refresh costs");
- free_refresh_melt (&refresh_melt);
return GNUNET_DB_STATUS_HARD_ERROR;
}
}
@@ -468,11 +450,9 @@ refresh_reveal_transaction (void *cls,
*mhd_ret = TEH_RESPONSE_reply_external_error (connection,
TALER_EC_REFRESH_REVEAL_AMOUNT_INSUFFICIENT,
"melted coin value is insufficient to cover cost of operation");
- free_refresh_melt (&refresh_melt);
return GNUNET_DB_STATUS_HARD_ERROR;
}
}
- free_refresh_melt (&refresh_melt);
return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS;
}
diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c
index acd6e9278..17894281b 100644
--- a/src/exchangedb/plugin_exchangedb_postgres.c
+++ b/src/exchangedb/plugin_exchangedb_postgres.c
@@ -887,7 +887,6 @@ postgres_prepare (PGconn *db_conn)
" kc.denom_pub_hash"
",denom.fee_refresh_val"
",denom.fee_refresh_frac"
- ",kc.denom_sig"
",old_coin_pub"
",old_coin_sig"
",amount_with_fee_val"
@@ -3729,7 +3728,9 @@ postgres_select_refunds_by_coin (void *cls,
* @param cls the `struct PostgresClosure` with the plugin-specific state
* @param session database handle to use, NULL if not run in any transaction
* @param rc commitment hash to use to locate the operation
- * @param[out] refresh_melt where to store the result
+ * @param[out] refresh_melt where to store the result; note that
+ * refresh_melt->session.coin.denom_sig will be set to NULL
+ * and is not fetched by this routine (as it is not needed by the client)
* @return transaction status
*/
static enum GNUNET_DB_QueryStatus
@@ -3749,9 +3750,6 @@ postgres_get_melt (void *cls,
denom_pub_hash),
TALER_PQ_RESULT_SPEC_AMOUNT ("fee_refresh",
&refresh_melt->melt_fee),
- GNUNET_PQ_result_spec_rsa_signature ("denom_sig",
- &refresh_melt->session.coin.denom_sig.
- rsa_signature),
GNUNET_PQ_result_spec_uint32 ("noreveal_index",
&refresh_melt->session.noreveal_index),
GNUNET_PQ_result_spec_auto_from_type ("old_coin_pub",
@@ -3764,6 +3762,7 @@ postgres_get_melt (void *cls,
};
enum GNUNET_DB_QueryStatus qs;
+ refresh_melt->session.coin.denom_sig.rsa_signature = NULL;
if (NULL == session)
session = postgres_get_session (pg);
qs = GNUNET_PQ_eval_prepared_singleton_select (session->conn,
diff --git a/src/exchangedb/test_exchangedb.c b/src/exchangedb/test_exchangedb.c
index 7033f728e..6c48f3a19 100644
--- a/src/exchangedb/test_exchangedb.c
+++ b/src/exchangedb/test_exchangedb.c
@@ -562,19 +562,14 @@ test_melting (struct TALER_EXCHANGEDB_Session *session)
GNUNET_memcmp (&refresh_session.rc, &ret_refresh_session.session.rc));
FAILIF (0 != GNUNET_memcmp (&refresh_session.coin_sig,
&ret_refresh_session.session.coin_sig));
- FAILIF (0 !=
- GNUNET_CRYPTO_rsa_signature_cmp (
- refresh_session.coin.denom_sig.rsa_signature,
- ret_refresh_session.session.coin.
- denom_sig.rsa_signature));
+ FAILIF (NULL !=
+ ret_refresh_session.session.coin.denom_sig.rsa_signature);
FAILIF (0 != memcmp (&refresh_session.coin.coin_pub,
&ret_refresh_session.session.coin.coin_pub,
sizeof (refresh_session.coin.coin_pub)));
FAILIF (0 !=
GNUNET_memcmp (&refresh_session.coin.denom_pub_hash,
&ret_refresh_session.session.coin.denom_pub_hash));
- GNUNET_CRYPTO_rsa_signature_free (
- ret_refresh_session.session.coin.denom_sig.rsa_signature);
/* test 'select_refreshs_above_serial_id' */
auditor_row_cnt = 0;
diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h
index 11404959d..90643d62e 100644
--- a/src/include/taler_exchangedb_plugin.h
+++ b/src/include/taler_exchangedb_plugin.h
@@ -1827,7 +1827,9 @@ struct TALER_EXCHANGEDB_Plugin
* @param cls the @e cls of this struct with the plugin-specific state
* @param session database handle to use
* @param rc commitment to use for the lookup
- * @param[out] refresh_melt where to store the result
+ * @param[out] refresh_melt where to store the result; note that
+ * refresh_melt->session.coin.denom_sig will be set to NULL
+ * and is not fetched by this routine (as it is not needed by the client)
* @return transaction status
*/
enum GNUNET_DB_QueryStatus
diff --git a/src/lib/exchange_api_handle.c b/src/lib/exchange_api_handle.c
index 80a07318b..8e523e3b4 100644
--- a/src/lib/exchange_api_handle.c
+++ b/src/lib/exchange_api_handle.c
@@ -1024,7 +1024,12 @@ decode_keys_json (const json_t *resp_obj,
}
}
if (GNUNET_YES == found)
+ {
+ GNUNET_array_grow (ai.denom_keys,
+ ai.num_denom_keys,
+ 0);
continue; /* we are done */
+ }
if (key_data->auditors_size == key_data->num_auditors)
GNUNET_array_grow (key_data->auditors,
key_data->auditors_size,
@@ -1564,11 +1569,15 @@ deserialize_data (struct TALER_EXCHANGE_Handle *exchange,
return;
}
if (0 != version)
+ {
+ GNUNET_JSON_parse_free (spec);
return; /* unsupported version */
+ }
if (0 != strcmp (url,
exchange->url))
{
GNUNET_break (0);
+ GNUNET_JSON_parse_free (spec);
return;
}
memset (&key_data,
@@ -1581,6 +1590,7 @@ deserialize_data (struct TALER_EXCHANGE_Handle *exchange,
&vc))
{
GNUNET_break (0);
+ GNUNET_JSON_parse_free (spec);
return;
}
/* decode successful, initialize with the result */
@@ -1594,6 +1604,7 @@ deserialize_data (struct TALER_EXCHANGE_Handle *exchange,
exchange->cert_cb (exchange->cert_cb_cls,
&exchange->key_data,
vc);
+ GNUNET_JSON_parse_free (spec);
}