Fix memory leak in client/server2

context_buf was never free()d. Moreover, since we want to free it on error
paths as well, and even properly zeroize it in order to demonstrate good
memory hygiene, we need to make it and its length main()-scoped.
This commit is contained in:
Manuel Pégourié-Gonnard 2019-07-15 10:31:11 +02:00 committed by Jarno Lamsa
parent c2a7b891a1
commit 3309a67996
2 changed files with 29 additions and 2 deletions

View File

@ -1083,6 +1083,10 @@ int main( int argc, char *argv[] )
#endif #endif
char *p, *q; char *p, *q;
const int *list; const int *list;
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
unsigned char *context_buf = NULL;
size_t context_buf_len;
#endif
#if defined(MBEDTLS_SSL_EXPORT_KEYS) #if defined(MBEDTLS_SSL_EXPORT_KEYS)
unsigned char eap_tls_keymaterial[16]; unsigned char eap_tls_keymaterial[16];
unsigned char eap_tls_iv[8]; unsigned char eap_tls_iv[8];
@ -2922,7 +2926,6 @@ send_request:
if( opt.serialize != 0 ) if( opt.serialize != 0 )
{ {
size_t buf_len; size_t buf_len;
unsigned char *context_buf = NULL;
mbedtls_printf( " . Serializing live connection..." ); mbedtls_printf( " . Serializing live connection..." );
@ -2942,6 +2945,7 @@ send_request:
goto exit; goto exit;
} }
context_buf_len = buf_len;
if( ( ret = mbedtls_ssl_context_save( &ssl, context_buf, if( ( ret = mbedtls_ssl_context_save( &ssl, context_buf,
buf_len, &buf_len ) ) != 0 ) buf_len, &buf_len ) ) != 0 )
@ -3012,6 +3016,10 @@ send_request:
goto exit; goto exit;
} }
mbedtls_free( context_buf );
context_buf = NULL;
context_buf_len = 0;
mbedtls_printf( " ok\n" ); mbedtls_printf( " ok\n" );
} }
#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
@ -3152,6 +3160,11 @@ exit:
if( session_data != NULL ) if( session_data != NULL )
mbedtls_platform_zeroize( session_data, session_data_len ); mbedtls_platform_zeroize( session_data, session_data_len );
mbedtls_free( session_data ); mbedtls_free( session_data );
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
if( context_buf != NULL )
mbedtls_platform_zeroize( context_buf, context_buf_len );
mbedtls_free( context_buf );
#endif
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \ #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \
defined(MBEDTLS_USE_PSA_CRYPTO) defined(MBEDTLS_USE_PSA_CRYPTO)

View File

@ -1727,6 +1727,10 @@ int main( int argc, char *argv[] )
size_t cid_len = 0; size_t cid_len = 0;
size_t cid_renego_len = 0; size_t cid_renego_len = 0;
#endif #endif
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
unsigned char *context_buf = NULL;
size_t context_buf_len;
#endif
int i; int i;
char *p, *q; char *p, *q;
@ -3933,7 +3937,6 @@ data_exchange:
if( opt.serialize != 0 ) if( opt.serialize != 0 )
{ {
size_t buf_len; size_t buf_len;
unsigned char *context_buf = NULL;
mbedtls_printf( " . Serializing live connection..." ); mbedtls_printf( " . Serializing live connection..." );
@ -3953,6 +3956,7 @@ data_exchange:
goto exit; goto exit;
} }
context_buf_len = buf_len;
if( ( ret = mbedtls_ssl_context_save( &ssl, context_buf, if( ( ret = mbedtls_ssl_context_save( &ssl, context_buf,
buf_len, &buf_len ) ) != 0 ) buf_len, &buf_len ) ) != 0 )
@ -4044,6 +4048,10 @@ data_exchange:
goto exit; goto exit;
} }
mbedtls_free( context_buf );
context_buf = NULL;
context_buf_len = 0;
mbedtls_printf( " ok\n" ); mbedtls_printf( " ok\n" );
} }
#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
@ -4155,6 +4163,12 @@ exit:
mbedtls_free( buf ); mbedtls_free( buf );
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
if( context_buf != NULL )
mbedtls_platform_zeroize( context_buf, context_buf_len );
mbedtls_free( context_buf );
#endif
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#if defined(MBEDTLS_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
mbedtls_memory_buffer_alloc_status(); mbedtls_memory_buffer_alloc_status();