mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 18:24:16 +01:00
Merge branch 'iotssl-517-double-free-restricted' into development-restricted
* iotssl-517-double-free-restricted: Fix potential double-free in ssl_conf_psk()
This commit is contained in:
commit
f8b2442e2f
@ -3,6 +3,9 @@ mbed TLS ChangeLog (Sorted per branch, date)
|
|||||||
= mbed TLS 2.2.0 released 2015-10-xx
|
= mbed TLS 2.2.0 released 2015-10-xx
|
||||||
|
|
||||||
Security
|
Security
|
||||||
|
* Fix potential double free if mbedtls_ssl_conf_psk() is called more than
|
||||||
|
once and some allocation fails. Cannot be forced remotely. Found by Guido
|
||||||
|
Vranken, Intelworks.
|
||||||
* The X509 max_pathlen constraint was not enforced on intermediate
|
* The X509 max_pathlen constraint was not enforced on intermediate
|
||||||
certificates. Found by Nicholas Wilson, fix and tests provided by
|
certificates. Found by Nicholas Wilson, fix and tests provided by
|
||||||
Janos Follath. #280 and #319
|
Janos Follath. #280 and #319
|
||||||
|
@ -5772,6 +5772,8 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
|
|||||||
{
|
{
|
||||||
mbedtls_free( conf->psk );
|
mbedtls_free( conf->psk );
|
||||||
mbedtls_free( conf->psk_identity );
|
mbedtls_free( conf->psk_identity );
|
||||||
|
conf->psk = NULL;
|
||||||
|
conf->psk_identity = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ||
|
if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ||
|
||||||
|
Loading…
Reference in New Issue
Block a user