From 9b9e5b00496e92b3240ac6be9d112c29824dc556 Mon Sep 17 00:00:00 2001
From: Kaz Kylheku <kaz@kylheku.com>
Date: Wed, 8 Jun 2016 05:45:27 -0700
Subject: Fix leaks in use of MPI and within MPI.

* arith.c (logand, logior, logxor): Use make_ubignum
to create an uninitialized bignum, because mp_and, mp_or, and
mp_xor expect argument c to be uninitialized, and clobber
it by initializing.
(comp_trunc): Use make_ubignum for b argument,
because mp_trunk_comp initializes it.
(lognot, logtrunc): Use make_ubignum for b, because
mp_trunc initializes it.

* mpi/mpi.c (mp_and, mp_or, mp_xor, mp_comp, mp_trunc_comp,
mp_trunc, mp_shift, mp_bit): Do not initialize the tmp that is
passed as argument b to mp_2comp, since that function
initializes it.
---
 arith.c   | 12 ++++++------
 mpi/mpi.c | 11 -----------
 2 files changed, 6 insertions(+), 17 deletions(-)

diff --git a/arith.c b/arith.c
index 33942c35..1c3c33ce 100644
--- a/arith.c
+++ b/arith.c
@@ -1771,7 +1771,7 @@ val logand(val a, val b)
   case TYPE_PAIR(BGNUM, BGNUM):
     if (a == b)
       return a;
-    c = make_bignum();
+    c = make_ubignum();
     if (mp_and(mp(a), mp(b), mp(c)) != MP_OKAY)
       goto bad;
     return normalize(c);
@@ -1812,7 +1812,7 @@ val logior(val a, val b)
   case TYPE_PAIR(BGNUM, BGNUM):
     if (a == b)
       return a;
-    c = make_bignum();
+    c = make_ubignum();
     if (mp_or(mp(a), mp(b), mp(c)) != MP_OKAY)
       goto bad;
     return normalize(c);
@@ -1853,7 +1853,7 @@ val logxor(val a, val b)
   case TYPE_PAIR(BGNUM, BGNUM):
     if (a == b)
       return a;
-    c = make_bignum();
+    c = make_ubignum();
     if (mp_xor(mp(a), mp(b), mp(c)) != MP_OKAY)
       goto bad;
     return normalize(c);
@@ -1893,7 +1893,7 @@ static val comp_trunc(val a, val bits)
     a = bignum(an);
     /* fallthrough */
   case BGNUM:
-    b = make_bignum();
+    b = make_ubignum();
     if (mp_trunc_comp(mp(a), mp(b), bn) != MP_OKAY)
       goto bad;
     return normalize(b);
@@ -1922,7 +1922,7 @@ val lognot(val a, val bits)
   case NUM:
     return num_fast(~c_num(a));
   case BGNUM:
-    b = make_bignum();
+    b = make_ubignum();
     if (mp_comp(mp(a), mp(b)) != MP_OKAY)
       goto bad;
     return normalize(b);
@@ -1956,7 +1956,7 @@ val logtrunc(val a, val bits)
     a = bignum(an);
     /* fallthrough */
   case BGNUM:
-    b = make_bignum();
+    b = make_ubignum();
     if (mp_trunc(mp(a), mp(b), bn) != MP_OKAY)
       goto bad;
     return normalize(b);
diff --git a/mpi/mpi.c b/mpi/mpi.c
index 42a267b5..cb6567a5 100644
--- a/mpi/mpi.c
+++ b/mpi/mpi.c
@@ -2422,7 +2422,6 @@ mp_err mp_and(mp_int *a, mp_int *b, mp_int *c)
 
   if (ISNEG(a)) {
     extent = USED(b);
-    mp_init(&tmp_a);
     if ((res = mp_2comp(a, &tmp_a, extent)) != MP_OKAY)
 	goto out;
     a = &tmp_a;
@@ -2430,7 +2429,6 @@ mp_err mp_and(mp_int *a, mp_int *b, mp_int *c)
 
   if (ISNEG(b)) {
     extent = USED(a);
-    mp_init(&tmp_b);
     if ((res = mp_2comp(b, &tmp_b, extent)) != MP_OKAY)
 	goto out;
     b = &tmp_b;
@@ -2484,14 +2482,12 @@ mp_err mp_or(mp_int *a, mp_int *b, mp_int *c)
     return mp_copy(a, c);
 
   if (ISNEG(a)) {
-    mp_init(&tmp_a);
     if ((res = mp_2comp(a, &tmp_a, extent)) != MP_OKAY)
 	goto out;
     a = &tmp_a;
   }
 
   if (ISNEG(b)) {
-    mp_init(&tmp_b);
     if ((res = mp_2comp(b, &tmp_b, extent)) != MP_OKAY)
 	goto out;
     b = &tmp_b;
@@ -2548,14 +2544,12 @@ mp_err mp_xor(mp_int *a, mp_int *b, mp_int *c)
   extent = MAX(USED(a), USED(b));
 
   if (ISNEG(a)) {
-    mp_init(&tmp_a);
     if ((res = mp_2comp(a, &tmp_a, extent)) != MP_OKAY)
 	goto out;
     a = &tmp_a;
   }
 
   if (ISNEG(b)) {
-    mp_init(&tmp_b);
     if ((res = mp_2comp(b, &tmp_b, extent)) != MP_OKAY)
 	goto out;
     b = &tmp_b;
@@ -2613,7 +2607,6 @@ mp_err mp_comp(mp_int *a, mp_int *b)
     return res;
 
   if (ISNEG(a)) {
-    mp_init(&tmp);
     if ((res = mp_2comp(a, &tmp, dig)) != MP_OKAY)
 	return res;
     a = &tmp;
@@ -2657,7 +2650,6 @@ mp_err mp_trunc_comp(mp_int *a, mp_int *b, mp_digit bits)
     return res;
 
   if (ISNEG(a)) {
-    mp_init(&tmp);
     if ((res = mp_2comp(a, &tmp, dig + extra)) != MP_OKAY)
 	return res;
     a = &tmp;
@@ -2701,7 +2693,6 @@ mp_err mp_trunc(mp_int *a, mp_int *b, mp_digit bits)
     return res;
 
   if (ISNEG(a)) {
-    mp_init(&tmp);
     if ((res = mp_2comp(a, &tmp, dig + extra)) != MP_OKAY)
 	return res;
     a = &tmp;
@@ -2735,7 +2726,6 @@ mp_err mp_shift(mp_int *a, mp_int *b, int bits)
 
   if (a_neg) {
     mp_size ua = USED(a);
-    mp_init(&tmp);
     if ((res = mp_2comp(a, &tmp, ua)) != MP_OKAY)
 	return res;
     SIGN(&tmp) = MP_ZPOS;
@@ -2785,7 +2775,6 @@ mp_err mp_bit(mp_int *a, mp_digit bit)
   mp_digit mask = convert(mp_digit, 1) << (bit % MP_DIGIT_BIT);
 
   if (a_neg) {
-    mp_init(&tmp);
     if ((res = mp_2comp(a, &tmp, bit + 1)) != MP_OKAY)
 	return res;
     SIGN(&tmp) = MP_ZPOS;
-- 
cgit v1.2.3