ikev2: fix memory leak in auth routine

Type: fix Change-Id: I93529b069925fcef32cdb22e27975b802b4c3b97 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-10-05 12:30:44 +00:00
parent 3a97a456ab
commit 623d87fd39
1 changed files with 4 additions and 0 deletions
--- a/src/plugins/ikev2/ikev2.c
+++ b/src/plugins/ikev2/ikev2.c
@ -1671,11 +1671,13 @@ ikev2_sa_auth (ikev2_sa_t * sa)
 	  authmsg = ikev2_sa_generate_authmsg (sa, 1);
 	  if (sel_p->auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
 	    {
+	      vec_free (sa->r_auth.data);
 	      sa->r_auth.data = ikev2_calc_prf (tr_prf, psk, authmsg);
 	      sa->r_auth.method = IKEV2_AUTH_METHOD_SHARED_KEY_MIC;
 	    }
 	  else if (sel_p->auth.method == IKEV2_AUTH_METHOD_RSA_SIG)
 	    {
+	      vec_free (sa->r_auth.data);
 	      sa->r_auth.data = ikev2_calc_sign (km->pkey, authmsg);
 	      sa->r_auth.method = IKEV2_AUTH_METHOD_RSA_SIG;
 	    }
@ -1732,11 +1734,13 @@ ikev2_sa_auth_init (ikev2_sa_t * sa)

  if (sa->i_auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
    {
+      vec_free (sa->i_auth.data);
      sa->i_auth.data = ikev2_calc_prf (tr_prf, psk, authmsg);
      sa->i_auth.method = IKEV2_AUTH_METHOD_SHARED_KEY_MIC;
    }
  else if (sa->i_auth.method == IKEV2_AUTH_METHOD_RSA_SIG)
    {
+      vec_free (sa->i_auth.data);
      sa->i_auth.data = ikev2_calc_sign (km->pkey, authmsg);
      sa->i_auth.method = IKEV2_AUTH_METHOD_RSA_SIG;
    }