From 5a16095ddf4df795e4d4a5e0e97e192c290ec85a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marc-Andr=C3=A9=20Moreau?= <marcandre.moreau@gmail.com>
Date: Thu, 23 Aug 2012 01:18:47 -0400
Subject: [PATCH] libwinpr-sspi: valgrind cleanup

---
 winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c | 21 +++++++++++++++++++++
 winpr/libwinpr/sspi/NTLM/ntlm_compute.c  |  1 +
 winpr/libwinpr/sspi/NTLM/ntlm_message.c  | 23 +++++++++++++++++++++++
 winpr/libwinpr/sspi/sspi.c               |  6 ++++++
 winpr/libwinpr/utils/ntlm.c              |  8 +++++++-
 winpr/libwinpr/utils/sam.c               |  2 ++
 6 files changed, 60 insertions(+), 1 deletion(-)

diff --git a/winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c b/winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c
index 26967621f..9e75b71a3 100644
--- a/winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c
+++ b/winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c
@@ -195,6 +195,22 @@ void ntlm_get_target_computer_name(PUNICODE_STRING pName, COMPUTER_NAME_FORMAT t
 	free(name);
 }
 
+void ntlm_free_unicode_string(PUNICODE_STRING string)
+{
+	if (string != NULL)
+	{
+		if (string->Length > 0)
+		{
+			if (string->Buffer != NULL)
+				free(string->Buffer);
+
+			string->Buffer = NULL;
+			string->Length = 0;
+			string->MaximumLength = 0;
+		}
+	}
+}
+
 void ntlm_construct_challenge_target_info(NTLM_CONTEXT* context)
 {
 	int length;
@@ -228,6 +244,11 @@ void ntlm_construct_challenge_target_info(NTLM_CONTEXT* context)
 	ntlm_av_pair_add(pAvPairList, MsvAvDnsDomainName, (PBYTE) DnsDomainName.Buffer, DnsDomainName.Length);
 	ntlm_av_pair_add(pAvPairList, MsvAvDnsComputerName, (PBYTE) DnsComputerName.Buffer, DnsComputerName.Length);
 	ntlm_av_pair_add(pAvPairList, MsvAvTimestamp, context->Timestamp, sizeof(context->Timestamp));
+
+	ntlm_free_unicode_string(&NbDomainName);
+	ntlm_free_unicode_string(&NbComputerName);
+	ntlm_free_unicode_string(&DnsDomainName);
+	ntlm_free_unicode_string(&DnsComputerName);
 }
 
 void ntlm_construct_authenticate_target_info(NTLM_CONTEXT* context)
diff --git a/winpr/libwinpr/sspi/NTLM/ntlm_compute.c b/winpr/libwinpr/sspi/NTLM/ntlm_compute.c
index 3fe05ee58..93d32069d 100644
--- a/winpr/libwinpr/sspi/NTLM/ntlm_compute.c
+++ b/winpr/libwinpr/sspi/NTLM/ntlm_compute.c
@@ -656,5 +656,6 @@ void ntlm_compute_message_integrity_check(NTLM_CONTEXT* context)
 	HMAC_Update(&hmac_ctx, context->ChallengeMessage.pvBuffer, context->ChallengeMessage.cbBuffer);
 	HMAC_Update(&hmac_ctx, context->AuthenticateMessage.pvBuffer, context->AuthenticateMessage.cbBuffer);
 	HMAC_Final(&hmac_ctx, context->MessageIntegrityCheck, NULL);
+	HMAC_CTX_cleanup(&hmac_ctx);
 }
 
diff --git a/winpr/libwinpr/sspi/NTLM/ntlm_message.c b/winpr/libwinpr/sspi/NTLM/ntlm_message.c
index 28d17f02c..4eff96641 100644
--- a/winpr/libwinpr/sspi/NTLM/ntlm_message.c
+++ b/winpr/libwinpr/sspi/NTLM/ntlm_message.c
@@ -161,6 +161,22 @@ void ntlm_write_message_fields_buffer(PStream s, NTLM_MESSAGE_FIELDS* fields)
 	}
 }
 
+void ntlm_free_message_fields_buffer(NTLM_MESSAGE_FIELDS* fields)
+{
+	if (fields != NULL)
+	{
+		if (fields->Buffer != NULL)
+		{
+			free(fields->Buffer);
+
+			fields->Len = 0;
+			fields->MaxLen = 0;
+			fields->Buffer = NULL;
+			fields->BufferOffset = 0;
+		}
+	}
+}
+
 void ntlm_print_message_fields(NTLM_MESSAGE_FIELDS* fields, const char* name)
 {
 	printf("%s (Len: %d MaxLen: %d BufferOffset: %d)\n",
@@ -847,6 +863,13 @@ SECURITY_STATUS ntlm_read_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer
 
 	PStreamFreeDetach(s);
 
+	ntlm_free_message_fields_buffer(&(message.DomainName));
+	ntlm_free_message_fields_buffer(&(message.UserName));
+	ntlm_free_message_fields_buffer(&(message.Workstation));
+	ntlm_free_message_fields_buffer(&(message.LmChallengeResponse));
+	ntlm_free_message_fields_buffer(&(message.NtChallengeResponse));
+	ntlm_free_message_fields_buffer(&(message.EncryptedRandomSessionKey));
+
 	return SEC_I_COMPLETE_NEEDED;
 }
 
diff --git a/winpr/libwinpr/sspi/sspi.c b/winpr/libwinpr/sspi/sspi.c
index 58a303b47..142ccc8ac 100644
--- a/winpr/libwinpr/sspi/sspi.c
+++ b/winpr/libwinpr/sspi/sspi.c
@@ -23,6 +23,9 @@
 
 #include <stdlib.h>
 
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
 #include <winpr/crt.h>
 #include <winpr/sspi.h>
 #include <winpr/print.h>
@@ -347,6 +350,9 @@ void sspi_CopyAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity, SEC_WINNT_AUTH_IDE
 
 void sspi_GlobalInit()
 {
+	SSL_load_error_strings();
+	SSL_library_init();
+
 	sspi_ContextBufferAllocTableNew();
 }
 
diff --git a/winpr/libwinpr/utils/ntlm.c b/winpr/libwinpr/utils/ntlm.c
index 200583ac6..9b99de5ec 100644
--- a/winpr/libwinpr/utils/ntlm.c
+++ b/winpr/libwinpr/utils/ntlm.c
@@ -27,6 +27,8 @@
 #include <winpr/windows.h>
 
 #include <time.h>
+
+#include <openssl/ssl.h>
 #include <openssl/des.h>
 #include <openssl/md4.h>
 #include <openssl/md5.h>
@@ -149,7 +151,11 @@ BYTE* NTOWFv2FromHashW(BYTE* NtHashV1, LPWSTR User, UINT32 UserLength, LPWSTR Do
 
 	CopyMemory(buffer, User, UserLength);
 	CharUpperBuffW((LPWSTR) buffer, UserLength / 2);
-	CopyMemory(&buffer[UserLength], Domain, DomainLength);
+
+	if (DomainLength > 0)
+	{
+		CopyMemory(&buffer[UserLength], Domain, DomainLength);
+	}
 
 	/* Compute the HMAC-MD5 hash of the above value using the NTLMv1 hash as the key, the result is the NTLMv2 hash */
 	HMAC(EVP_md5(), (void*) NtHashV1, 16, buffer, UserLength + DomainLength, (void*) NtHash, NULL);
diff --git a/winpr/libwinpr/utils/sam.c b/winpr/libwinpr/utils/sam.c
index b4cebc685..dfc48f459 100644
--- a/winpr/libwinpr/utils/sam.c
+++ b/winpr/libwinpr/utils/sam.c
@@ -308,6 +308,8 @@ WINPR_SAM_ENTRY* SamLookupUserW(WINPR_SAM* sam, LPWSTR User, UINT32 UserLength,
 						}
 					}
 
+					free(EntryUser);
+
 					if (UserMatch && DomainMatch)
 					{
 						Found = 1;