fix leaks and unnecessary fetch of RSA signature on refresh/reveal

2019-09-15 12:39:15 +02:00 · 2019-09-15 12:39:15 +02:00 · ebd2e7d763
commit ebd2e7d763
parent a3d272eb9d
5 changed files with 20 additions and 33 deletions
--- a/src/exchange/taler-exchange-httpd_refresh_reveal.c
+++ b/src/exchange/taler-exchange-httpd_refresh_reveal.c
@ -272,20 +272,6 @@ refresh_reveal_preflight (void *cls,
 }


-/**
- * Helper function for #refresh_reveal_transaction() to free internal
- * state of @a refresh_melt (but not the pointer itself!).
- *
- * @param refresh_melt memory to clean up
- */
-static void
-free_refresh_melt (struct TALER_EXCHANGEDB_RefreshMelt *refresh_melt)
-{
-  GNUNET_CRYPTO_rsa_signature_free (
-    refresh_melt->session.coin.denom_sig.rsa_signature);
-}
-
-
 /**
 * Execute a "/refresh/reveal".  The client is revealing to us the
 * transfer keys for @a #TALER_CNC_KAPPA-1 sets of coins.  Verify that the
@ -335,8 +321,6 @@ refresh_reveal_transaction (void *cls,
    GNUNET_break (0);
    *mhd_ret = TEH_RESPONSE_reply_internal_db_error (connection,
                                                     TALER_EC_REFRESH_REVEAL_DB_FETCH_SESSION_ERROR);
-    if (refresh_melt.session.noreveal_index >= TALER_CNC_KAPPA)
-      free_refresh_melt (&refresh_melt);
    return GNUNET_DB_STATUS_HARD_ERROR;
  }

@ -424,7 +408,6 @@ refresh_reveal_transaction (void *cls,
      GNUNET_break_op (0);
      *mhd_ret = reply_refresh_reveal_missmatch (connection,
                                                 &rc_expected);
-      free_refresh_melt (&refresh_melt);
      return GNUNET_DB_STATUS_HARD_ERROR;
    }
  } /* end of checking "rc_expected" */
@ -457,7 +440,6 @@ refresh_reveal_transaction (void *cls,
        *mhd_ret = TEH_RESPONSE_reply_internal_error (connection,
                                                      TALER_EC_REFRESH_REVEAL_COST_CALCULATION_OVERFLOW,
                                                      "failed to add up refresh costs");
-        free_refresh_melt (&refresh_melt);
        return GNUNET_DB_STATUS_HARD_ERROR;
      }
    }
@ -468,11 +450,9 @@ refresh_reveal_transaction (void *cls,
      *mhd_ret = TEH_RESPONSE_reply_external_error (connection,
                                                    TALER_EC_REFRESH_REVEAL_AMOUNT_INSUFFICIENT,
                                                    "melted coin value is insufficient to cover cost of operation");
-      free_refresh_melt (&refresh_melt);
      return GNUNET_DB_STATUS_HARD_ERROR;
    }
  }
-  free_refresh_melt (&refresh_melt);
  return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS;
 }

--- a/src/exchangedb/plugin_exchangedb_postgres.c
+++ b/src/exchangedb/plugin_exchangedb_postgres.c
@ -887,7 +887,6 @@ postgres_prepare (PGconn *db_conn)
                            " kc.denom_pub_hash"
                            ",denom.fee_refresh_val"
                            ",denom.fee_refresh_frac"
-                            ",kc.denom_sig"
                            ",old_coin_pub"
                            ",old_coin_sig"
                            ",amount_with_fee_val"
@ -3729,7 +3728,9 @@ postgres_select_refunds_by_coin (void *cls,
 * @param cls the `struct PostgresClosure` with the plugin-specific state
 * @param session database handle to use, NULL if not run in any transaction
 * @param rc commitment hash to use to locate the operation
- * @param[out] refresh_melt where to store the result
+ * @param[out] refresh_melt where to store the result; note that
+   *             refresh_melt->session.coin.denom_sig will be set to NULL
+   *             and is not fetched by this routine (as it is not needed by the client)
 * @return transaction status
 */
 static enum GNUNET_DB_QueryStatus
@ -3749,9 +3750,6 @@ postgres_get_melt (void *cls,
                                          denom_pub_hash),
    TALER_PQ_RESULT_SPEC_AMOUNT ("fee_refresh",
                                 &refresh_melt->melt_fee),
-    GNUNET_PQ_result_spec_rsa_signature ("denom_sig",
-                                         &refresh_melt->session.coin.denom_sig.
-                                         rsa_signature),
    GNUNET_PQ_result_spec_uint32 ("noreveal_index",
                                  &refresh_melt->session.noreveal_index),
    GNUNET_PQ_result_spec_auto_from_type ("old_coin_pub",
@ -3764,6 +3762,7 @@ postgres_get_melt (void *cls,
  };
  enum GNUNET_DB_QueryStatus qs;

+  refresh_melt->session.coin.denom_sig.rsa_signature = NULL;
  if (NULL == session)
    session = postgres_get_session (pg);
  qs = GNUNET_PQ_eval_prepared_singleton_select (session->conn,
--- a/src/exchangedb/test_exchangedb.c
+++ b/src/exchangedb/test_exchangedb.c
@ -562,19 +562,14 @@ test_melting (struct TALER_EXCHANGEDB_Session *session)
          GNUNET_memcmp (&refresh_session.rc, &ret_refresh_session.session.rc));
  FAILIF (0 != GNUNET_memcmp (&refresh_session.coin_sig,
                              &ret_refresh_session.session.coin_sig));
-  FAILIF (0 !=
-          GNUNET_CRYPTO_rsa_signature_cmp (
-            refresh_session.coin.denom_sig.rsa_signature,
-            ret_refresh_session.session.coin.
-            denom_sig.rsa_signature));
+  FAILIF (NULL !=
+          ret_refresh_session.session.coin.denom_sig.rsa_signature);
  FAILIF (0 != memcmp (&refresh_session.coin.coin_pub,
                       &ret_refresh_session.session.coin.coin_pub,
                       sizeof (refresh_session.coin.coin_pub)));
  FAILIF (0 !=
          GNUNET_memcmp (&refresh_session.coin.denom_pub_hash,
                         &ret_refresh_session.session.coin.denom_pub_hash));
-  GNUNET_CRYPTO_rsa_signature_free (
-    ret_refresh_session.session.coin.denom_sig.rsa_signature);

  /* test 'select_refreshs_above_serial_id' */
  auditor_row_cnt = 0;
--- a/src/include/taler_exchangedb_plugin.h
+++ b/src/include/taler_exchangedb_plugin.h
@ -1827,7 +1827,9 @@ struct TALER_EXCHANGEDB_Plugin
   * @param cls the @e cls of this struct with the plugin-specific state
   * @param session database handle to use
   * @param rc commitment to use for the lookup
-   * @param[out] refresh_melt where to store the result
+   * @param[out] refresh_melt where to store the result; note that
+   *             refresh_melt->session.coin.denom_sig will be set to NULL
+   *             and is not fetched by this routine (as it is not needed by the client)
   * @return transaction status
   */
  enum GNUNET_DB_QueryStatus
--- a/src/lib/exchange_api_handle.c
+++ b/src/lib/exchange_api_handle.c
@ -1024,7 +1024,12 @@ decode_keys_json (const json_t *resp_obj,
        }
      }
      if (GNUNET_YES == found)
+      {
+        GNUNET_array_grow (ai.denom_keys,
+                           ai.num_denom_keys,
+                           0);
        continue; /* we are done */
+      }
      if (key_data->auditors_size == key_data->num_auditors)
        GNUNET_array_grow (key_data->auditors,
                           key_data->auditors_size,
@ -1564,11 +1569,15 @@ deserialize_data (struct TALER_EXCHANGE_Handle *exchange,
    return;
  }
  if (0 != version)
+  {
+    GNUNET_JSON_parse_free (spec);
    return; /* unsupported version */
+  }
  if (0 != strcmp (url,
                   exchange->url))
  {
    GNUNET_break (0);
+    GNUNET_JSON_parse_free (spec);
    return;
  }
  memset (&key_data,
@ -1581,6 +1590,7 @@ deserialize_data (struct TALER_EXCHANGE_Handle *exchange,
                        &vc))
  {
    GNUNET_break (0);
+    GNUNET_JSON_parse_free (spec);
    return;
  }
  /* decode successful, initialize with the result */
@ -1594,6 +1604,7 @@ deserialize_data (struct TALER_EXCHANGE_Handle *exchange,
  exchange->cert_cb (exchange->cert_cb_cls,
                     &exchange->key_data,
                     vc);
+  GNUNET_JSON_parse_free (spec);
 }