commit 0d9bdfd2cbfb2ce13f16c49edb9169e4866d1d57
author Matthew Maurer <mmaurer@google.com> Thu Mar 28 14:51:45 2019 -0700
committer hamzeh <hamzeh@google.com> Fri May 10 16:06:33 2019 -0700
tree 585d447f1a700e4ea33efe52147ded1bc61a717b
parent c8bf0869f15a0e326d72cde41c9e9c8bfb7209cf

Remove potential double free

Janis noticed that GetAuthTokenKey has ownership retained by the
implementer, but the caller in libgatekeeper is delete[]ing it.

Bug: 120610663
Bug: 129768470
Test: gatekeeper-unit-tests, Gatekeeper 1.0 VTS against Trusty
Change-Id: I67171d707706b1ebe5caad47447762144495e28b
(cherry picked from commit 6d2ee18a9af8eb9d8580850e434d21e4481fa36e)
(cherry picked from commit 303e6db4d5fbdd42be5bfda1419c759f8e8e4626)
(cherry picked from commit 9d4b63592231755c52124b2ea7d57ee2b2c35ef6)

gatekeeper.cpp

diff --git a/gatekeeper.cpp b/gatekeeper.cpp
index 0d19816..fe427bd 100644
--- a/gatekeeper.cpp
+++ b/gatekeeper.cpp
@@ -241,7 +241,6 @@
         uint32_t hash_len = (uint32_t)((uint8_t *)&token->hmac - (uint8_t *)token);
         ComputeSignature(token->hmac, sizeof(token->hmac), auth_token_key, key_len,
                 reinterpret_cast<uint8_t *>(token), hash_len);
-        delete[] auth_token_key;
     } else {
         memset(token->hmac, 0, sizeof(token->hmac));
     }