Skip to content
This repository was archived by the owner on Oct 19, 2024. It is now read-only.

Commit c8ca514

Browse files
ericchiangericchiang
committed
pkcs11: improve ckCString() so its harder to forget to free resources
1 parent aced859 commit c8ca514

File tree

1 file changed

+18
-16
lines changed

1 file changed

+18
-16
lines changed

pkcs11/pkcs11.go

Lines changed: 18 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -279,13 +279,15 @@ func ckString(s string) []C.CK_UTF8CHAR {
279279
// ckCString converts a Go string to a cryptokit string held by C. This is required,
280280
// for example, when building a CK_ATTRIBUTE, which needs to hold a pointer to a
281281
// cryptokit string.
282-
func ckCString(s string) *C.CK_UTF8CHAR {
282+
//
283+
// This method also returns a function to free the allocated C memory.
284+
func ckCString(s string) (cstring *C.CK_UTF8CHAR, free func()) {
283285
b := (*C.CK_UTF8CHAR)(C.malloc(C.sizeof_CK_UTF8CHAR * C.ulong(len(s))))
284286
bs := unsafe.Slice(b, len(s))
285287
for i, c := range []byte(s) {
286288
bs[i] = C.CK_UTF8CHAR(c)
287289
}
288-
return b
290+
return b, func() { C.free(unsafe.Pointer(b)) }
289291
}
290292

291293
func ckGoString(s *C.CK_UTF8CHAR, n C.CK_ULONG) string {
@@ -855,8 +857,8 @@ func (s *Slot) createX509Certificate(opts createOptions) (*Object, error) {
855857
}
856858

857859
if opts.Label != "" {
858-
cs := ckCString(opts.Label)
859-
defer C.free(unsafe.Pointer(cs))
860+
cs, free := ckCString(opts.Label)
861+
defer free()
860862

861863
attrs = append(attrs, C.CK_ATTRIBUTE{
862864
C.CKA_LABEL,
@@ -894,8 +896,8 @@ type Filter struct {
894896
func (s *Slot) Objects(opts Filter) (objs []Object, err error) {
895897
var attrs []C.CK_ATTRIBUTE
896898
if opts.Label != "" {
897-
cs := ckCString(opts.Label)
898-
defer C.free(unsafe.Pointer(cs))
899+
cs, free := ckCString(opts.Label)
900+
defer free()
899901

900902
attrs = append(attrs, C.CK_ATTRIBUTE{
901903
C.CKA_LABEL,
@@ -1011,8 +1013,8 @@ func (o Object) Label() (string, error) {
10111013

10121014
// setLabel sets the label of the object overwriting any previous value.
10131015
func (o Object) setLabel(s string) error {
1014-
cs := ckCString(s)
1015-
defer C.free(unsafe.Pointer(cs))
1016+
cs, free := ckCString(s)
1017+
defer free()
10161018

10171019
attrs := []C.CK_ATTRIBUTE{{C.CKA_LABEL, C.CK_VOID_PTR(cs), C.CK_ULONG(len(s))}}
10181020
return o.setAttribute(attrs)
@@ -1518,8 +1520,8 @@ func (s *Slot) generateRSA(o keyOptions) (crypto.PrivateKey, error) {
15181520
}
15191521

15201522
if o.LabelPrivate != "" {
1521-
cs := ckCString(o.LabelPrivate)
1522-
defer C.free(unsafe.Pointer(cs))
1523+
cs, free := ckCString(o.LabelPrivate)
1524+
defer free()
15231525

15241526
privTmpl = append(privTmpl, C.CK_ATTRIBUTE{
15251527
C.CKA_LABEL,
@@ -1534,8 +1536,8 @@ func (s *Slot) generateRSA(o keyOptions) (crypto.PrivateKey, error) {
15341536
}
15351537

15361538
if o.LabelPublic != "" {
1537-
cs := ckCString(o.LabelPublic)
1538-
defer C.free(unsafe.Pointer(cs))
1539+
cs, free := ckCString(o.LabelPublic)
1540+
defer free()
15391541

15401542
pubTmpl = append(pubTmpl, C.CK_ATTRIBUTE{
15411543
C.CKA_LABEL,
@@ -1632,8 +1634,8 @@ func (s *Slot) generateECDSA(o keyOptions) (crypto.PrivateKey, error) {
16321634
}
16331635

16341636
if o.LabelPrivate != "" {
1635-
cs := ckCString(o.LabelPrivate)
1636-
defer C.free(unsafe.Pointer(cs))
1637+
cs, free := ckCString(o.LabelPrivate)
1638+
defer free()
16371639

16381640
privTmpl = append(privTmpl, C.CK_ATTRIBUTE{
16391641
C.CKA_LABEL,
@@ -1647,8 +1649,8 @@ func (s *Slot) generateECDSA(o keyOptions) (crypto.PrivateKey, error) {
16471649
{C.CKA_VERIFY, cTrue, C.CK_ULONG(C.sizeof_CK_BBOOL)},
16481650
}
16491651
if o.LabelPublic != "" {
1650-
cs := ckCString(o.LabelPublic)
1651-
defer C.free(unsafe.Pointer(cs))
1652+
cs, free := ckCString(o.LabelPublic)
1653+
defer free()
16521654

16531655
pubTmpl = append(pubTmpl, C.CK_ATTRIBUTE{
16541656
C.CKA_LABEL,

0 commit comments

Comments
 (0)