mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 16:55:43 +01:00
Fix crash when calling mbedtls_ssl_cache_free
twice
Set `cache` to zero at the end of `mbedtls_ssl_cache_free` #1104
This commit is contained in:
parent
88f5808c13
commit
e1a9a4a826
@ -12,6 +12,8 @@ Bugfix
|
||||
* Parse signature algorithm extension when renegotiating. Previously,
|
||||
renegotiated handshakes would only accept signatures using SHA-1
|
||||
regardless of the peer's preferences, or fail if SHA-1 was disabled.
|
||||
* Fix crash when calling mbedtls_ssl_cache_free() twice. Found by
|
||||
MilenkoMitrovic, #1104
|
||||
|
||||
= mbed TLS 2.6.0 branch released 2017-08-10
|
||||
|
||||
|
@ -43,6 +43,11 @@
|
||||
|
||||
#include <string.h>
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void mbedtls_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache )
|
||||
{
|
||||
memset( cache, 0, sizeof( mbedtls_ssl_cache_context ) );
|
||||
@ -321,6 +326,8 @@ void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache )
|
||||
#if defined(MBEDTLS_THREADING_C)
|
||||
mbedtls_mutex_free( &cache->mutex );
|
||||
#endif
|
||||
|
||||
mbedtls_zeroize( cache, sizeof(mbedtls_ssl_cache_context) );
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_SSL_CACHE_C */
|
||||
|
Loading…
Reference in New Issue
Block a user