Fix mem leaks

2025-07-20 09:57:37 +02:00 · 2024-06-06 21:54:39 +02:00 · 2024-06-06 21:54:39 +02:00 · d9c394e0fa
commit d9c394e0fa
parent 9ed99f344b
2 changed files with 26 additions and 26 deletions
--- a/common/jwt.cpp
+++ b/common/jwt.cpp
@ -23,12 +23,6 @@
 #include "common/aixlog.hpp"
 #include "common/base64.h"
 #include "common/utils/string_utils.hpp"
-#include <chrono>
-#include <cstdint>
-#include <exception>
-#include <openssl/x509.h>
-#include <optional>
-#include <sys/types.h>

 // 3rd party headers
 #include <openssl/aes.h>
@ -38,9 +32,16 @@
 #include <openssl/pem.h>
 #include <openssl/rsa.h>
 #include <openssl/ssl.h>
-#include <vector>
+#include <openssl/x509.h>

 // standard headers
+#include <chrono>
+#include <cstdint>
+#include <exception>
+#include <memory>
+#include <optional>
+#include <sys/types.h>
+#include <vector>


 static constexpr auto LOG_TAG = "JWT";
@ -107,8 +108,8 @@ EVP_PKEY* readCert(const std::string& key)
        // Copies the data pointer. D2I functions update it
        const auto* data_pkey = reinterpret_cast<const uint8_t*>(data);
        // Detects type and decodes the private key
-        X509* x509 = d2i_X509(nullptr, &data_pkey, datalen);
-        EVP_PKEY* pkey = X509_get_pubkey(x509);
+        std::shared_ptr<X509> x509(d2i_X509(nullptr, &data_pkey, datalen), [](auto* p) { X509_free(p); });
+        EVP_PKEY* pkey = X509_get_pubkey(x509.get());
        if (pkey == nullptr)
        {
            LOG(ERROR, LOG_TAG) << "d2i_AutoPrivateKey failed\n";
@ -158,24 +159,23 @@ bool sign(const std::string& pem_key, const std::string& msg, std::vector<unsign
 }


-bool verifySignature(const std::string& pem_cert, unsigned char* MsgHash, size_t MsgHashLen, const char* Msg, size_t MsgLen, bool& Authentic)
+bool verifySignature(const std::string& pem_cert, const unsigned char* MsgHash, size_t MsgHashLen, const char* Msg, size_t MsgLen, bool& Authentic)
 {
    Authentic = false;
    std::shared_ptr<EVP_PKEY> key(readCert(pem_cert), [](auto p) { EVP_PKEY_free(p); });
-    EVP_MD_CTX* ctx = EVP_MD_CTX_create();
+    std::shared_ptr<EVP_MD_CTX> ctx(EVP_MD_CTX_create(), [](auto p) { EVP_MD_CTX_free(p); });

-    if (EVP_DigestVerifyInit(ctx, nullptr, EVP_sha256(), nullptr, key.get()) <= 0)
+    if (EVP_DigestVerifyInit(ctx.get(), nullptr, EVP_sha256(), nullptr, key.get()) <= 0)
    {
        LOG(ERROR, LOG_TAG) << "EVP_DigestVerifyInit failed\n";
        return false;
    }
-    if (EVP_DigestVerifyUpdate(ctx, Msg, MsgLen) <= 0)
+    if (EVP_DigestVerifyUpdate(ctx.get(), Msg, MsgLen) <= 0)
    {
        LOG(ERROR, LOG_TAG) << "EVP_DigestVerifyInit failed\n";
        return false;
    }
-    int authStatus = EVP_DigestVerifyFinal(ctx, MsgHash, MsgHashLen);
-    EVP_MD_CTX_free(ctx);
+    int authStatus = EVP_DigestVerifyFinal(ctx.get(), MsgHash, MsgHashLen);
    if (authStatus == 1)
    {
        Authentic = true;
--- a/test/test_main.cpp
+++ b/test/test_main.cpp
@ -165,18 +165,18 @@ TEST_CASE("JWT")
        jwt.setSub("Badaix");
        std::optional<std::string> token = jwt.getToken(key);
        REQUIRE(token.has_value());
-        // REQUIRE(token.value() ==
-        //         "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE1MTYyMzkwMjIsInN1YiI6IkJhZGFpeCJ9.LtKDGnT2OSgvWLECReajyMmUv7ApJeRu83MZhDM7d_"
-        //         "1t1zy2Z08BQZEEB58WzR1vZAtRGHDVrYytJaVCPzibQN4eZ1F4m0gDk83hxQPTAKsbwjtzi7pUJzvaBa1ni4ysc9POtoi_M1OtNk5xxziyk5VP1Ph-"
-        //         "TQbm9BCPfpA8bSUCx0LFrm5gyCD3irkww_W3RwDc2ghrjDCRNCyu4R9__lrCRGdx3Z8i0YMB_obuShcYzJXFSxG8adTSs3PQ_R4NXR94-vydVrvBxqe79apocFVrs_"
-        //         "c9Ub8TIFynzqp9L_s206nb2N3C1WfUkKeQ1E7gAgVq8b4SM0OZsmkERQ0P0w");
+        REQUIRE(token.value() ==
+                "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE1MTYyMzkwMjIsInN1YiI6IkJhZGFpeCJ9.LtKDGnT2OSgvWLECReajyMmUv7ApJeRu83MZhDM7d_"
+                "1t1zy2Z08BQZEEB58WzR1vZAtRGHDVrYytJaVCPzibQN4eZ1F4m0gDk83hxQPTAKsbwjtzi7pUJzvaBa1ni4ysc9POtoi_M1OtNk5xxziyk5VP1Ph-"
+                "TQbm9BCPfpA8bSUCx0LFrm5gyCD3irkww_W3RwDc2ghrjDCRNCyu4R9__lrCRGdx3Z8i0YMB_obuShcYzJXFSxG8adTSs3PQ_R4NXR94-vydVrvBxqe79apocFVrs_"
+                "c9Ub8TIFynzqp9L_s206nb2N3C1WfUkKeQ1E7gAgVq8b4SM0OZsmkERQ0P0w");

-        // REQUIRE(jwt.parse(token.value(), cert));
-        // REQUIRE(jwt.getSub().has_value());
-        // REQUIRE(jwt.getSub().value() == "Badaix");
-        // REQUIRE(jwt.getIat().has_value());
-        // REQUIRE(jwt.getIat().value() == std::chrono::seconds(1516239022));
-        // REQUIRE(!jwt.getExp().has_value());
+        REQUIRE(jwt.parse(token.value(), cert));
+        REQUIRE(jwt.getSub().has_value());
+        REQUIRE(jwt.getSub().value() == "Badaix");
+        REQUIRE(jwt.getIat().has_value());
+        REQUIRE(jwt.getIat().value() == std::chrono::seconds(1516239022));
+        REQUIRE(!jwt.getExp().has_value());
    }
 }