From 30a95102b182b73c16948c0592a5fc56e21d33dc Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 5 Oct 2018 09:49:33 +0100 Subject: [PATCH 1/2] Fix memory leak and freeing without initialization in cert_write * The variables `csr` and `issuer_crt` are initialized but not freed. * The variable `entropy` is unconditionally freed in the cleanup section but there's a conditional jump to that section before its initialization. This cmmot Moves it to the other initializations happening before the first conditional jump to the cleanup section. Fixes #1422. --- programs/x509/cert_write.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index fa994613d..3842ebce4 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -242,6 +242,7 @@ int main( int argc, char *argv[] ) mbedtls_pk_init( &loaded_subject_key ); mbedtls_mpi_init( &serial ); mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_entropy_init( &entropy ); #if defined(MBEDTLS_X509_CSR_PARSE_C) mbedtls_x509_csr_init( &csr ); #endif @@ -475,7 +476,6 @@ int main( int argc, char *argv[] ) mbedtls_printf( " . Seeding the random number generator..." ); fflush( stdout ); - mbedtls_entropy_init( &entropy ); if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) @@ -789,6 +789,10 @@ int main( int argc, char *argv[] ) exit_code = MBEDTLS_EXIT_SUCCESS; exit: +#if defined(MBEDTLS_X509_CSR_PARSE_C) + mbedtls_x509_csr_free( &csr ); +#endif /* MBEDTLS_X509_CSR_PARSE_C */ + mbedtls_x509_crt_free( &issuer_crt ); mbedtls_x509write_crt_free( &crt ); mbedtls_pk_free( &loaded_subject_key ); mbedtls_pk_free( &loaded_issuer_key ); From 617a321ed967ef9694e118344d4bc227a44fd2fc Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 5 Oct 2018 09:51:36 +0100 Subject: [PATCH 2/2] Adapt ChangeLog --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ChangeLog b/ChangeLog index 513f24f3a..7aede8a3b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -7,6 +7,8 @@ Bugfix invalidated keys of a lifetime of less than a 1s. Fixes #1968. * Fix failure in hmac_drbg in the benchmark sample application, when MBEDTLS_THREADING_C is defined. Found by TrinityTonic, #1095 + * Fix memory leak and freeing without initialization in the example + program programs/x509/cert_write. Fixes #1422. Changes * Add tests for session resumption in DTLS.