From b446c3e32f797b489e3c2dd6608d9def65c40b01 Mon Sep 17 00:00:00 2001 From: liuxueli Date: Thu, 11 Nov 2021 00:27:18 +0300 Subject: [PATCH] =?UTF-8?q?=E8=A7=A3=E5=AF=86=E5=A4=B1=E8=B4=A5=E6=97=B6?= =?UTF-8?q?=E7=94=B3=E8=AF=B7=E7=9A=84=E5=86=85=E5=AD=98=E6=9C=AA=E9=87=8A?= =?UTF-8?q?=E6=94=BE=E5=AF=BC=E8=87=B4=E5=86=85=E5=AD=98=E6=B3=84=E6=BC=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/quic_deprotection.cpp | 32 ++++++++++++++++++++++++++------ 1 file changed, 26 insertions(+), 6 deletions(-) diff --git a/src/quic_deprotection.cpp b/src/quic_deprotection.cpp index 58565d1..861d947 100644 --- a/src/quic_deprotection.cpp +++ b/src/quic_deprotection.cpp @@ -172,6 +172,8 @@ static void quic_decrypt_message(quic_pp_cipher *pp_cipher, const char *payload, buffer_length = length - (pkn_len + 16); if (buffer_length == 0 || buffer_length >1500) { + g_free(header); + header=NULL; *error = (const guchar *)"Decryption not possible, ciphertext is too short or too long"; return; } @@ -185,30 +187,48 @@ static void quic_decrypt_message(quic_pp_cipher *pp_cipher, const char *payload, gcry_cipher_reset(pp_cipher->pp_cipher); err = gcry_cipher_setiv(pp_cipher->pp_cipher, nonce, TLS13_AEAD_NONCE_LENGTH); - if (err) { - //printf("Decryption (setiv) failed: %s\n", gcry_strerror(err)); + if (err) + { + g_free(header); + header=NULL; + g_free(buffer); + buffer=NULL; *error = (const guchar *)"Decryption (setiv) failed"; return; } // associated data (A) is the contents of QUIC header err = gcry_cipher_authenticate(pp_cipher->pp_cipher, header, header_length); - if (err) { - //printf("Decryption (authenticate) failed: %s\n", gcry_strerror(err)); + if (err) + { + g_free(header); + header=NULL; + g_free(buffer); + buffer=NULL; *error = (const guchar *)"Decryption (authenticate) failed"; return; } // Output ciphertext (C) err = gcry_cipher_decrypt(pp_cipher->pp_cipher, buffer, buffer_length, NULL, 0); - if (err) { + if (err) + { + g_free(header); + header=NULL; + g_free(buffer); + buffer=NULL; //printf("Decryption (decrypt) failed: %s\n", gcry_strerror(err)); *error = (const guchar *)"Decryption (decrypt) failed"; return; } err = gcry_cipher_checktag(pp_cipher->pp_cipher, atag, 16); - if (err) { + if (err) + { + g_free(header); + header=NULL; + g_free(buffer); + buffer=NULL; //printf("Decryption (checktag) failed: %s\n", gcry_strerror(err)); *error = (const guchar *)"Decryption (checktag) failed"; return;