yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-08 10:09:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix potential double-free in ssl_set_psk()

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2015-09-28 18:09:45 +02:00
parent 9bf29bee22
commit 5aff029f9d
2 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
ChangeLog
View file

@ -15,6 +15,9 @@ Security
on crafted PEM input data. Found an fix provided by Guid Vranken. on crafted PEM input data. Found an fix provided by Guid Vranken.
Not triggerable remotely in TLS. Triggerable remotely if you accept PEM Not triggerable remotely in TLS. Triggerable remotely if you accept PEM
data from an untrusted source. data from an untrusted source.
* Fix potential double-free if ssl_set_psk() is called repeatedly on
the same ssl_context object and some memory allocations fail.
Found by Guido Vranken. Can not be forced remotely.
= mbed TLS 1.3.13 reladsed 2015-09-17 = mbed TLS 1.3.13 reladsed 2015-09-17

2
library/ssl_tls.c
View file

@ -4064,7 +4064,9 @@ int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len,
( ssl->psk_identity = polarssl_malloc( psk_identity_len ) ) == NULL ) ( ssl->psk_identity = polarssl_malloc( psk_identity_len ) ) == NULL )
{ {
polarssl_free( ssl->psk ); polarssl_free( ssl->psk );
polarssl_free( ssl->psk_identity );
ssl->psk = NULL; ssl->psk = NULL;
ssl->psk_identity = NULL;
return( POLARSSL_ERR_SSL_MALLOC_FAILED ); return( POLARSSL_ERR_SSL_MALLOC_FAILED );
} }