From 12e6f5b1329cf064f277b6ed0265242f07227f1e Mon Sep 17 00:00:00 2001
From: LoRd_MuldeR
Date: Fri, 25 Jun 2021 19:43:18 +0200
Subject: [PATCH] Using OpenSSL-provided memory functions where appropriate.
---
 src/codesign_keygen.c | 3 +--
 src/codesign_sign.c | 23 ++++++-----------------
 src/codesign_verify.c | 33 ++++++++++++---------------------
 src/common.c | 8 ++++----
 src/platform.h | 2 --
 5 files changed, 23 insertions(+), 46 deletions(-)
diff --git a/src/codesign_keygen.c b/src/codesign_keygen.c
index d8c2a51..f90aaaf 100644
--- a/src/codesign_keygen.c
+++ b/src/codesign_keygen.c
@@ -166,8 +166,7 @@ clean_up:
 if (passwd)
 {
- OPENSSL_cleanse(passwd, strlen(passwd));
- free(passwd);
+ OPENSSL_clear_free(passwd, strlen(passwd));
 }
 if (file_pubkey)
diff --git a/src/codesign_sign.c b/src/codesign_sign.c
index c7e0a93..86f71ec 100644
--- a/src/codesign_sign.c
+++ b/src/codesign_sign.c
@@ -170,7 +170,7 @@ int MAIN(int argc, CHAR_T *argv[])
 /* Compute the RSA signature */
 /*-------------------------------------------------------*/
- output = (unsigned char*) malloc(RSA_size(rsa) + sizeof(ts_buffer));
+ output = (unsigned char*) OPENSSL_zalloc(RSA_size(rsa) + sizeof(ts_buffer));
 if (!output)
 {
 fputs("Failed!\n\nError: Failed to allocate output buffer!\n\n", stderr);
@@ -192,7 +192,7 @@ int MAIN(int argc, CHAR_T *argv[])
 /* Write signature the output file */
 /*-------------------------------------------------------*/
- base64 = (char*) malloc(1U + (base64_length = 4U * (((output_length = signature_length + sizeof(ts_buffer)) + 2U) / 3U)));
+ base64 = (char*) OPENSSL_zalloc(1U + (base64_length = 4U * (((output_length = signature_length + sizeof(ts_buffer)) + 2U) / 3U)));
 if (!base64)
 {
 fputs("Error: Failed to allocate hex-string buffer!\n\n", stderr);
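Review bot: In the `@@ -192` hunk of src/codesign_sign.c, `base64_length` and `output_length` are assigned as side effects inside the argument of `OPENSSL_zalloc`, and after this commit the clean_up block uses exactly those two variables as wipe lengths. Computing them in their own statements first, `output_length = signature_length + sizeof(ts_buffer);` and `base64_length = 4U * ((output_length + 2U) / 3U);`, followed by `base64 = (char*) OPENSSL_zalloc(1U + base64_length);`, makes that dependency visible to the next reader. MAIN starts and ends outside the hunk.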
@@ -226,22 +226,12 @@ int MAIN(int argc, CHAR_T *argv[])
 clean_up:
+ OPENSSL_clear_free(base64, base64_length);
+ OPENSSL_clear_free(output, output_length);
+
 if (passwd)
 {
- OPENSSL_cleanse(passwd, strlen(passwd));
- free(passwd);
- }
-
- if (base64)
- {
- OPENSSL_cleanse(base64, strlen(base64));
- free(base64);
- }
-
- if (output)
- {
- OPENSSL_cleanse(output, MSIZE(output));
- free(output);
+ OPENSSL_clear_free(passwd, strlen(passwd));
 }
 if (file_privkey)
@@ -264,7 +254,6 @@ clean_up:
 RSA_free(rsa);
 }
- OPENSSL_cleanse(ts_buffer, sizeof(ts_buffer));
 OPENSSL_cleanse(&sha512, sizeof(SHA512_CTX));
 OPENSSL_cleanse(×tamp, sizeof(uint64_t));
diff --git a/src/codesign_verify.c b/src/codesign_verify.c
index 19ddc4b..621e1c7 100644
--- a/src/codesign_verify.c
+++ b/src/codesign_verify.c
@@ -31,8 +31,8 @@ int MAIN(int argc, CHAR_T *argv[])
 SHA512_CTX sha512 = { };
 char *base64 = NULL;
 FILE *file_pubkey = NULL, *file_data = NULL, *file_signature = NULL;
- unsigned char buffer[BUFFSIZE], digest[SHA512_DIGEST_LENGTH], *input = NULL;
- unsigned int input_length = 0U, base64_length = 0U;
+ unsigned char buffer[BUFFSIZE], digest[SHA512_DIGEST_LENGTH], *source = NULL;
+ unsigned int source_length = 0U, base64_length = 0U;
 #ifdef EMBED_PUBKEY
 const unsigned char *public_key = NULL, *checksum_pubkey = NULL;
 unsigned int pubkey_length = 0U, checksum_length = 0U;
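Review bot: `OPENSSL_clear_free(output, output_length)` in the clean_up block of src/codesign_sign.c wipes only `output_length` bytes, and the only assignment to that variable visible in this diff sits inside the Base64 allocation expression of the `@@ -192` hunk. If any `goto clean_up` is taken between the `output` allocation and that statement (the "Compute the RSA signature" section suggests there is one), this call runs with whatever `output_length` was initialised to, presumably `0U` since its declaration is outside the diff, so the buffer is freed without being cleared. The removed code cleansed the whole allocation via `MSIZE(output)`; recording the allocated size next to the `OPENSSL_zalloc` call and passing that size here restores the earlier coverage. MAIN's body continues outside the hunk.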
@@ -163,21 +163,21 @@ int MAIN(int argc, CHAR_T *argv[])
 /* Decode signature input data */
 /*-------------------------------------------------------*/
- input = (unsigned char*) malloc(1U + (3U * ((base64_length + 3U) / 4U)));
- if (!input)
+ source = (unsigned char*) OPENSSL_zalloc(1U + (3U * ((base64_length + 3U) / 4U)));
+ if (!source)
 {
 fputs("Error: Failed to allocate the input buffer!\n\n", stderr);
 goto clean_up;
 }
- input_length = EVP_DecodeBlock(input, (unsigned char*)base64, base64_length);
- if ((int)input_length <= 0)
+ source_length = EVP_DecodeBlock(source, (unsigned char*)base64, base64_length);
+ if ((int)source_length <= 0)
 {
 fputs("Error: Failed to decode signature data from Base64 format!\n\n", stderr);
 goto clean_up;
 }
- if (input_length <= 2U + sizeof(uint64_t))
+ if (source_length <= 2U + sizeof(uint64_t))
 {
 fputs("Error: Signature binary data appears to be truncated!\n\n", stderr);
 goto clean_up;
@@ -185,7 +185,7 @@ int MAIN(int argc, CHAR_T *argv[])
 if (base64[base64_length - 1U] == '=')
 {
- input_length -= (base64[base64_length - 2U] == '=') ? 2U : 1U; /*remove padding!*/
+ source_length -= (base64[base64_length - 2U] == '=') ? 2U : 1U; /*remove padding!*/
 }
 /*-------------------------------------------------------*/
@@ -201,7 +201,7 @@ int MAIN(int argc, CHAR_T *argv[])
 fputs("Verifying the RSA signature, please wait...\n", stderr);
 fflush(stderr);
- if (SHA512_Update(&sha512, input, sizeof(uint64_t)) != 1)
+ if (SHA512_Update(&sha512, source, sizeof(uint64_t)) != 1)
 {
 fputs("Failed!\n\nError: Failed to update SHA-512 digest!\n\n", stderr);
 goto clean_up;
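Review bot: On a failed decode in the `@@ -163` hunk, `source_length` still holds the error value when the clean_up code runs: `EVP_DecodeBlock` returns -1, the result is stored in the `unsigned int source_length`, and `goto clean_up` then reaches `OPENSSL_clear_free(source, source_length)` added in the `@@ -257` hunk. That passes `(unsigned int)-1` as the number of bytes to zero for a buffer of `1U + 3U * ((base64_length + 3U) / 4U)` bytes, an out-of-bounds heap write on input that is merely malformed Base64; the removed code sized the wipe from the allocation via `MSIZE`. Decode into a signed local and assign only on success, `int decoded = EVP_DecodeBlock(source, (unsigned char*)base64, base64_length);`, `if (decoded <= 0)`, then `source_length = (unsigned int)decoded;`, or keep the allocated size in its own variable and pass that to `OPENSSL_clear_free`. MAIN starts and ends outside these hunks.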
@@ -242,7 +242,7 @@ int MAIN(int argc, CHAR_T *argv[])
 /* Validate the RSA signature */
 /*-------------------------------------------------------*/
- if (RSA_verify(NID_sha512, digest, SHA512_DIGEST_LENGTH, input + sizeof(uint64_t), input_length - sizeof(uint64_t), rsa) != 1)
+ if (RSA_verify(NID_sha512, digest, SHA512_DIGEST_LENGTH, source + sizeof(uint64_t), source_length - sizeof(uint64_t), rsa) != 1)
 {
 fputs("Failed!\n\nInvalid signature or corrupted file :-(\n\n", stderr);
 goto clean_up;
@@ -257,17 +257,8 @@ int MAIN(int argc, CHAR_T *argv[])
 clean_up:
- if (input)
- {
- OPENSSL_cleanse(input, MSIZE(input));
- free(input);
- }
-
- if (base64)
- {
- OPENSSL_cleanse(base64, strlen(base64));
- free(base64);
- }
+ OPENSSL_clear_free(source, source_length);
+ OPENSSL_clear_free(base64, base64_length);
 if (file_pubkey)
 {
diff --git a/src/common.c b/src/common.c
index 4e711ea..c102b36 100644
--- a/src/common.c
+++ b/src/common.c
@@ -53,19 +53,19 @@ char *convert_CHAR_to_UTF8(const CHAR_T *str)
 int bytes = WideCharToMultiByte(CP_UTF8, 0, str, -1, NULL, 0, NULL, NULL);
 if (bytes > 0)
 {
- str_utf8 = malloc(bytes);
+ str_utf8 = OPENSSL_zalloc(bytes);
 if(str_utf8)
 {
 if (WideCharToMultiByte(CP_UTF8, 0, str, -1, str_utf8, bytes, NULL, NULL) == 0)
 {
- free(str_utf8);
+ OPENSSL_clear_free(str_utf8, bytes);
 return NULL;
 }
 }
 }
 }
 #else
- str_utf8 = strdup(str);
+ str_utf8 = OPENSSL_strdup(str);
 #endif
 return str_utf8;
 }
@@ -111,7 +111,7 @@ char *read_line_from_file(FILE *const file, const int trim)
 }
 if (len > 0)
 {
- return strdup(line);
+ return OPENSSL_strdup(line);
 }
 }
 }
diff --git a/src/platform.h b/src/platform.h
index bbbbd1d..1e59699 100644
--- a/src/platform.h
+++ b/src/platform.h
@@ -12,7 +12,6 @@
 #define CHAR_T wchar_t
 #define MAIN wmain
 #define FOPEN(X,Y) _wfsopen((X),(Y),_SH_SECURE)
-#define MSIZE(X) _msize((X))
 #define _T(X) L##X
 #define T(X) _T(X)
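Review bot: `convert_CHAR_to_UTF8` (hunk `@@ -53` of src/common.c) and `read_line_from_file` (hunk `@@ -111`) now return memory from `OPENSSL_zalloc`/`OPENSSL_strdup`, which changes their ownership contract without any comment saying so. Callers have to release these strings with `OPENSSL_free` or `OPENSSL_clear_free`; a leftover `free()` is only harmless while OpenSSL's allocator is the default malloc wrapper. I would add a header comment to both functions, e.g. `/* Returns a string allocated by OpenSSL; release with OPENSSL_free() or OPENSSL_clear_free(), never free(). */`, and confirm that every caller not touched by this diff was updated. Both function bodies extend beyond their hunks.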
@@ -21,7 +20,6 @@
 #define CHAR_T char
 #define MAIN main
 #define FOPEN(X,Y) fopen((X),(Y))
-#define MSIZE(X) malloc_usable_size((X))
 #define T(X) X
 #endif