Merge branch 'iotssl-517-double-free-restricted' into development-restricted

* iotssl-517-double-free-restricted:
  Fix potential double-free in ssl_conf_psk()
This commit is contained in:
Manuel Pégourié-Gonnard 2015-11-02 11:03:32 +09:00
commit f8b2442e2f
2 changed files with 5 additions and 0 deletions

View File

@ -3,6 +3,9 @@ mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS 2.2.0 released 2015-10-xx = mbed TLS 2.2.0 released 2015-10-xx
Security Security
* Fix potential double free if mbedtls_ssl_conf_psk() is called more than
once and some allocation fails. Cannot be forced remotely. Found by Guido
Vranken, Intelworks.
* The X509 max_pathlen constraint was not enforced on intermediate * The X509 max_pathlen constraint was not enforced on intermediate
certificates. Found by Nicholas Wilson, fix and tests provided by certificates. Found by Nicholas Wilson, fix and tests provided by
Janos Follath. #280 and #319 Janos Follath. #280 and #319

View File

@ -5772,6 +5772,8 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
{ {
mbedtls_free( conf->psk ); mbedtls_free( conf->psk );
mbedtls_free( conf->psk_identity ); mbedtls_free( conf->psk_identity );
conf->psk = NULL;
conf->psk_identity = NULL;
} }
if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL || if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ||