a code scanner reports "tbuf" resource leak in qat_prov_rsa_enc_dec.c in qat_prov_rsa_decrypt()

[nefigtut]

hi, openscanhub code security scanner reports a resource leak in the qat_prov_rsa_enc_dec.c file in qat_prov_rsa_decrypt():

Defect type: RESOURCE_LEAK
QAT_Engine-1.9.0/qat_prov_rsa_enc_dec.c:608:17: leaked_storage: Variable "tbuf" going out of scope leaks the storage it points to.

Indeed, tbuf = OPENSSL_malloc(len) is allocated in qat_prov_rsa_decrypt(). Later an error check and an exit is made without freeing the allocated tbuf: if (!fun) return 0;.

I guess tbuf should be freed here as in other error paths (OPENSSL_free(tbuf);). Or (better, I guess), the tbuf = OPENSSL_malloc(len) allocation should be moved INSIDE the if (qat_hw_rsa_offload || qat_sw_rsa_offload) true branch where it is actually used, and is not used in the false branch.

Could you please have a look and probably fix? Thank you!

[venkatesh6911]

Thank you @nefigtut for reporting the issue. I will take a look into this.

[nefigtut]

thank you @venkatesh6911 for a reply and your attention.

[siteshwar]

Please note that we only use open source analyzers (no Coverity or Snyk) in the public instance of OpenScanHub, so the scan results may vary from internal instance.

[nefigtut]

@siteshwar this should be another issue, i guess. this is not related to the tbuf issue we're discussing here.

[siteshwar]

@siteshwar this should be another issue, i guess. this is not related to the tbuf issue we're discussing here.

I am only referencing that the tbuf issue was found through Coverity or Snyk and you may not see it in the public scan results.

[nefigtut]

@siteshwar oh ok, i see, thank you for the clarification.

[venkatesh6911]

Thanks @siteshwar for the info.
@nefigtut - We will fix this and other resource leaks in the next release planned.