mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-09 01:05:30 +00:00
Fix mutex leak in HMAC_DRBG
mbedtls_hmac_drbg_free() left a mutex in the initialized state. This caused a resource leak on platforms where mbedtls_mutex_init() allocates resources. To fix this, mbedtls_hmac_drbg_free() no longer reinitializes the mutex. To preserve the property that mbedtls_hmac_drbg_free() leaves the object in an initialized state, which is generally true throughout the library except regarding mutex objects on some platforms, no longer initialize the mutex in mbedtls_hmac_drbg_init(). Since the mutex is only used after seeding, and seeding is only permitted once, call mbedtls_mutex_init() as part of the seeding process. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
831956980c
commit
05974893e6
|
@ -84,10 +84,6 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx )
|
||||||
memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) );
|
memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) );
|
||||||
|
|
||||||
ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL;
|
ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL;
|
||||||
|
|
||||||
#if defined(MBEDTLS_THREADING_C)
|
|
||||||
mbedtls_mutex_init( &ctx->mutex );
|
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -159,6 +155,10 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
|
||||||
if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 )
|
if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_THREADING_C)
|
||||||
|
mbedtls_mutex_init( &ctx->mutex );
|
||||||
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Set initial working state.
|
* Set initial working state.
|
||||||
* Use the V memory location, which is currently all 0, to initialize the
|
* Use the V memory location, which is currently all 0, to initialize the
|
||||||
|
@ -284,6 +284,10 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
|
||||||
if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 )
|
if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_THREADING_C)
|
||||||
|
mbedtls_mutex_init( &ctx->mutex );
|
||||||
|
#endif
|
||||||
|
|
||||||
md_size = mbedtls_md_get_size( md_info );
|
md_size = mbedtls_md_get_size( md_info );
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -451,14 +455,12 @@ void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx )
|
||||||
return;
|
return;
|
||||||
|
|
||||||
#if defined(MBEDTLS_THREADING_C)
|
#if defined(MBEDTLS_THREADING_C)
|
||||||
mbedtls_mutex_free( &ctx->mutex );
|
if( ctx->md_ctx.md_info != NULL )
|
||||||
|
mbedtls_mutex_free( &ctx->mutex );
|
||||||
#endif
|
#endif
|
||||||
mbedtls_md_free( &ctx->md_ctx );
|
mbedtls_md_free( &ctx->md_ctx );
|
||||||
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_hmac_drbg_context ) );
|
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_hmac_drbg_context ) );
|
||||||
ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL;
|
ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL;
|
||||||
#if defined(MBEDTLS_THREADING_C)
|
|
||||||
mbedtls_mutex_init( &ctx->mutex );
|
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_FS_IO)
|
#if defined(MBEDTLS_FS_IO)
|
||||||
|
|
Loading…
Reference in a new issue