From ca79eeb7b9a437e8cc2d8fe412c57fbce1a58d17 Mon Sep 17 00:00:00 2001
From: Erik Boasson
Date: Sat, 6 Jun 2020 12:42:42 +0200
Subject: [PATCH] Fix error handling in generating test signatures

Failure to generate a signature for in handshake tests attempted to free the address of the pointer, instead of the pointed-to memory (CID 304462).

Signed-off-by: Erik Boasson
---
 .../tests/common/src/handshake_helper.c | 8 +++---
 .../src/listeners_authentication_utests.c | 26 ++++++++++---------
 .../src/process_handshake_utests.c | 16 +++++++-----
 3 files changed, 27 insertions(+), 23 deletions(-)

diff --git a/src/security/builtin_plugins/tests/common/src/handshake_helper.c b/src/security/builtin_plugins/tests/common/src/handshake_helper.c
index ae755f8..de431ff 100644
--- a/src/security/builtin_plugins/tests/common/src/handshake_helper.c
+++ b/src/security/builtin_plugins/tests/common/src/handshake_helper.c
@@ -157,8 +157,7 @@ screate_asymmetrical_signature_for_test(
 goto err_sign;
 }
 
- //*signature = ddsrt_malloc(sizeof(unsigned char) * (*signatureLen));
- *signature = OPENSSL_malloc(*signatureLen);
+ *signature = ddsrt_malloc(*signatureLen);
 if (EVP_DigestSignFinal(mdctx, *signature, signatureLen) != 1) {
 char *msg = get_openssl_error_message_for_test();
 result = DDS_SECURITY_VALIDATION_FAILED;
@@ -550,14 +549,13 @@ create_asymmetrical_signature_for_test(
 goto err_sign;
 }
 
- //*signature = os_malloc(sizeof(unsigned char) * (*signatureLen));
- *signature = OPENSSL_malloc(*signatureLen);
+ *signature = ddsrt_malloc(*signatureLen);
 if (EVP_DigestSignFinal(mdctx, *signature, signatureLen) != 1) {
 char *msg = get_openssl_error_message_for_test();
 result = DDS_SECURITY_VALIDATION_FAILED;
 DDS_Security_Exception_set(ex, "Authentication", DDS_SECURITY_ERR_UNDEFINED_CODE, (int)result, "Failed to finalize signing context: %s", msg);
 ddsrt_free(msg);
- ddsrt_free(signature);
+ ddsrt_free(*signature);
 }
 
 err_sign:
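Review bot: In the @@ -157 hunk of handshake_helper.c the failure branch of `EVP_DigestSignFinal` runs past the last context line, so the hunk does not show whether that function releases `*signature` or still passes `signature` to `ddsrt_free`, which is the bug the @@ -550 hunk fixes in its sibling. The enclosing function starts and ends outside the hunk. If its branch still reads `ddsrt_free(signature);`, it needs the same one-line change to `ddsrt_free(*signature);`.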
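Review bot: After `ddsrt_free(*signature);` in the @@ -550 hunk the caller's pointer still holds the freed address. Following the free with `*signature = NULL;` means a caller that inspects or releases `sign` after a failure cannot reuse the stale address; the same line applies to the @@ -1235 hunk in listeners_authentication_utests.c. Both functions start and end outside their hunks, so whether `*signature` is written on the earlier `goto err_sign` paths cannot be confirmed from here.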
diff --git a/src/security/builtin_plugins/tests/listeners_authentication/src/listeners_authentication_utests.c b/src/security/builtin_plugins/tests/listeners_authentication/src/listeners_authentication_utests.c
index fb27369..b817b0a 100644
--- a/src/security/builtin_plugins/tests/listeners_authentication/src/listeners_authentication_utests.c
+++ b/src/security/builtin_plugins/tests/listeners_authentication/src/listeners_authentication_utests.c
@@ -1235,14 +1235,13 @@ create_asymmetrical_signature_for_test(
 goto err_sign;
 }
 
- //*signature = ddsrt_malloc(sizeof(unsigned char) * (*signatureLen));
- *signature = OPENSSL_malloc(*signatureLen);
+ *signature = ddsrt_malloc(*signatureLen);
 if (EVP_DigestSignFinal(mdctx, *signature, signatureLen) != 1) {
 char *msg = get_openssl_error_message_for_test();
 result = DDS_SECURITY_VALIDATION_FAILED;
 DDS_Security_Exception_set(ex, "Authentication", DDS_SECURITY_ERR_UNDEFINED_CODE, (int)result, "Failed to finalize signing context: %s", msg);
 ddsrt_free(msg);
- ddsrt_free(signature);
+ ddsrt_free(*signature);
 }
 
 err_sign:
@@ -1777,12 +1776,13 @@ fill_handshake_message_token(
 {
 printf("Exception: %s\n", exception.message);
 }
- CU_ASSERT_FATAL (rc == DDS_SECURITY_VALIDATION_OK);
- assert(rc == DDS_SECURITY_VALIDATION_OK); // for Clang's static analyzer
-
- set_binary_property_value(signature, "signature", sign, (uint32_t)signlen);
-
- ddsrt_free(sign);
+ else
+ {
+ CU_ASSERT_FATAL (rc == DDS_SECURITY_VALIDATION_OK);
+ assert(rc == DDS_SECURITY_VALIDATION_OK); // for Clang's static analyzer
+ set_binary_property_value(signature, "signature", sign, (uint32_t)signlen);
+ ddsrt_free(sign);
+ }
 EVP_PKEY_free(private_key_x509);
 BIO_free(bio);
 }
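Review bot: In the @@ -1777 hunk `CU_ASSERT_FATAL (rc == DDS_SECURITY_VALIDATION_OK);` now sits in the `else` branch, where it can never fail if the `if` above the hunk tests `rc != DDS_SECURITY_VALIDATION_OK`. A signing failure then only prints the exception, and the test carries on with a handshake token whose signature property was never set. The failure branch should still fail the test, for example by adding `CU_FAIL("failed to create test signature");` after the `printf`, which keeps the `EVP_PKEY_free`/`BIO_free` cleanup reachable. The @@ -1865 hunk and both hunks in process_handshake_utests.c have the same silent failure path and no assertion at all. fill_handshake_message_token starts and ends outside these hunks.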
@@ -1865,9 +1865,11 @@ fill_handshake_message_token(
 {
 printf("Exception: %s\n", exception.message);
 }
- set_binary_property_value(signature, "signature", sign, (uint32_t)signlen);
-
- ddsrt_free(sign);
+ else
+ {
+ set_binary_property_value(signature, "signature", sign, (uint32_t)signlen);
+ ddsrt_free(sign);
+ }
 EVP_PKEY_free(private_key_x509);
 BIO_free(bio);
 }
diff --git a/src/security/builtin_plugins/tests/process_handshake/src/process_handshake_utests.c b/src/security/builtin_plugins/tests/process_handshake/src/process_handshake_utests.c
index d342cfb..797f4a2 100644
--- a/src/security/builtin_plugins/tests/process_handshake/src/process_handshake_utests.c
+++ b/src/security/builtin_plugins/tests/process_handshake/src/process_handshake_utests.c
@@ -1360,9 +1360,11 @@ fill_handshake_message_token(
 {
 printf("Exception: %s\n", exception.message);
 }
- set_binary_property_value(signature, "signature", sign, (uint32_t ) signlen);
-
- ddsrt_free(sign);
+ else
+ {
+ set_binary_property_value(signature, "signature", sign, (uint32_t ) signlen);
+ ddsrt_free(sign);
+ }
 EVP_PKEY_free(private_key_x509);
 BIO_free(bio);
 }
@@ -1445,9 +1447,11 @@ fill_handshake_message_token(
 {
 printf("Exception: %s\n", exception.message);
 }
- set_binary_property_value(signature, "signature", sign, (uint32_t) signlen);
-
- ddsrt_free(sign);
+ else
+ {
+ set_binary_property_value(signature, "signature", sign, (uint32_t) signlen);
+ ddsrt_free(sign);
+ }
 EVP_PKEY_free(private_key_x509);
 BIO_free(bio);
 }