mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 14:44:15 +01:00
Merge branch 'iotssl-517-double-free-restricted' into development-restricted
* iotssl-517-double-free-restricted: Fix potential double-free in ssl_conf_psk()
This commit is contained in:
commit
f8b2442e2f
@ -3,6 +3,9 @@ mbed TLS ChangeLog (Sorted per branch, date)
|
||||
= mbed TLS 2.2.0 released 2015-10-xx
|
||||
|
||||
Security
|
||||
* Fix potential double free if mbedtls_ssl_conf_psk() is called more than
|
||||
once and some allocation fails. Cannot be forced remotely. Found by Guido
|
||||
Vranken, Intelworks.
|
||||
* The X509 max_pathlen constraint was not enforced on intermediate
|
||||
certificates. Found by Nicholas Wilson, fix and tests provided by
|
||||
Janos Follath. #280 and #319
|
||||
|
@ -5772,6 +5772,8 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
|
||||
{
|
||||
mbedtls_free( conf->psk );
|
||||
mbedtls_free( conf->psk_identity );
|
||||
conf->psk = NULL;
|
||||
conf->psk_identity = NULL;
|
||||
}
|
||||
|
||||
if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ||
|
||||
|
Loading…
Reference in New Issue
Block a user