yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-25 19:11:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Backport 1.3:Fix crash when calling mbedtls_ssl_cache_free twice

Browse source 
Set `cache` to zero at the end of `mbedtls_ssl_cache_free` #1104
This commit is contained in:
Ron Eldor 2017-10-17 18:15:41 +03:00
parent 75ea35eac8
commit 1f311ed587
2 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ChangeLog
View file

@ -14,6 +14,8 @@ Bugfix
* Fix leap year calculation in x509_date_is_valid() to ensure that invalid * Fix leap year calculation in x509_date_is_valid() to ensure that invalid
dates on leap years with 100 and 400 intervals are handled correctly. Found dates on leap years with 100 and 400 intervals are handled correctly. Found
by Nicholas Wilson. #694 by Nicholas Wilson. #694
* Fix crash when calling mbedtls_ssl_cache_free() twice. Found by
MilenkoMitrovic, #1104
= mbed TLS 1.3.21 branch released 2017-08-10 = mbed TLS 1.3.21 branch released 2017-08-10

8
library/ssl_cache.c
View file

@ -44,6 +44,12 @@
#define polarssl_free free #define polarssl_free free
#endif #endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
void ssl_cache_init( ssl_cache_context *cache ) void ssl_cache_init( ssl_cache_context *cache )
{ {
memset( cache, 0, sizeof( ssl_cache_context ) ); memset( cache, 0, sizeof( ssl_cache_context ) );
@ -324,6 +330,8 @@ void ssl_cache_free( ssl_cache_context *cache )
#if defined(POLARSSL_THREADING_C) #if defined(POLARSSL_THREADING_C)
polarssl_mutex_free( &cache->mutex ); polarssl_mutex_free( &cache->mutex );
#endif #endif
polarssl_zeroize( cache, sizeof(ssl_cache_context) );
} }
#endif /* POLARSSL_SSL_CACHE_C */ #endif /* POLARSSL_SSL_CACHE_C */