mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-22 05:50:57 +00:00
Fix memory leak in ecp_mul_comb() if ecp_precompute_comb() fails
In ecp_mul_comb(), if (!p_eq_g && grp->T == NULL) and then ecp_precompute_comb() fails (which can happen due to OOM), then the new array of points T will be leaked (as it's newly allocated, but hasn't been asigned to grp->T yet). Symptom was a memory leak in ECDHE key exchange under low memory conditions.
This commit is contained in:
parent
6c34268e20
commit
608a487b9c
|
@ -86,6 +86,8 @@ Bugfix
|
||||||
* Correct the documentation for `mbedtls_ssl_get_session()`. This API has
|
* Correct the documentation for `mbedtls_ssl_get_session()`. This API has
|
||||||
deep copy of the session, and the peer certificate is not lost. Fixes #926.
|
deep copy of the session, and the peer certificate is not lost. Fixes #926.
|
||||||
* Fix build using -std=c99. Fixed by Nick Wilson.
|
* Fix build using -std=c99. Fixed by Nick Wilson.
|
||||||
|
* Fix a memory leak in ecp_mul_comb() if ecp_precompute_comb() fails.
|
||||||
|
Fix contributed by Espressif Systems.
|
||||||
|
|
||||||
Changes
|
Changes
|
||||||
* Fail when receiving a TLS alert message with an invalid length, or invalid
|
* Fail when receiving a TLS alert message with an invalid length, or invalid
|
||||||
|
|
|
@ -1446,7 +1446,12 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
|
|
||||||
if( T != NULL && ! p_eq_g )
|
/* There are two cases where T is not stored in grp:
|
||||||
|
* - P != G
|
||||||
|
* - An intermediate operation failed before setting grp->T
|
||||||
|
* In either case, T must be freed.
|
||||||
|
*/
|
||||||
|
if( T != NULL && T != grp->T )
|
||||||
{
|
{
|
||||||
for( i = 0; i < pre_len; i++ )
|
for( i = 0; i < pre_len; i++ )
|
||||||
mbedtls_ecp_point_free( &T[i] );
|
mbedtls_ecp_point_free( &T[i] );
|
||||||
|
|
Loading…
Reference in a new issue