mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 00:05:36 +01:00
Fix memory leak in ecp_mul_comb() if ecp_precompute_comb() fails
In ecp_mul_comb(), if (!p_eq_g && grp->T == NULL) and then ecp_precompute_comb() fails (which can happen due to OOM), then the new array of points T will be leaked (as it's newly allocated, but hasn't been asigned to grp->T yet). Symptom was a memory leak in ECDHE key exchange under low memory conditions.
This commit is contained in:
parent
6c34268e20
commit
608a487b9c
@ -86,6 +86,8 @@ Bugfix
|
||||
* Correct the documentation for `mbedtls_ssl_get_session()`. This API has
|
||||
deep copy of the session, and the peer certificate is not lost. Fixes #926.
|
||||
* Fix build using -std=c99. Fixed by Nick Wilson.
|
||||
* Fix a memory leak in ecp_mul_comb() if ecp_precompute_comb() fails.
|
||||
Fix contributed by Espressif Systems.
|
||||
|
||||
Changes
|
||||
* Fail when receiving a TLS alert message with an invalid length, or invalid
|
||||
|
@ -1446,7 +1446,12 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
|
||||
|
||||
cleanup:
|
||||
|
||||
if( T != NULL && ! p_eq_g )
|
||||
/* There are two cases where T is not stored in grp:
|
||||
* - P != G
|
||||
* - An intermediate operation failed before setting grp->T
|
||||
* In either case, T must be freed.
|
||||
*/
|
||||
if( T != NULL && T != grp->T )
|
||||
{
|
||||
for( i = 0; i < pre_len; i++ )
|
||||
mbedtls_ecp_point_free( &T[i] );
|
||||
|
Loading…
Reference in New Issue
Block a user