mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 00:55:39 +01:00
Merge branch 'mbedtls-2.1'
Merge of fix for memory leak in RSA-SSA signing - #372
This commit is contained in:
commit
28b35c02f7
@ -14,8 +14,10 @@ Bugfix
|
||||
* Fix bug in certificate validation that caused valid chains to be rejected
|
||||
when the first intermediate certificate has pathLenConstraint=0. Found by
|
||||
Nicholas Wilson. Introduced in mbed TLS 2.1.4. #280
|
||||
* Removed potential leak in mbedtls_rsa_rsassa_pkcs1_v15_sign(), found by
|
||||
JayaraghavendranK. #372
|
||||
|
||||
Changes
|
||||
Change
|
||||
* To avoid dropping an entire DTLS datagram if a single record in a datagram
|
||||
is invalid, we now only drop the record and look at subsequent records (if
|
||||
any are present) in the same datagram to avoid interoperability issues.
|
||||
|
@ -1086,10 +1086,16 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
|
||||
* temporary buffer and check it before returning it.
|
||||
*/
|
||||
sig_try = mbedtls_calloc( 1, ctx->len );
|
||||
verif = mbedtls_calloc( 1, ctx->len );
|
||||
if( sig_try == NULL || verif == NULL )
|
||||
if( sig_try == NULL )
|
||||
return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
|
||||
|
||||
verif = mbedtls_calloc( 1, ctx->len );
|
||||
if( verif == NULL )
|
||||
{
|
||||
mbedtls_free( sig_try );
|
||||
return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
|
||||
}
|
||||
|
||||
MBEDTLS_MPI_CHK( mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig_try ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_rsa_public( ctx, sig_try, verif ) );
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user