yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-02-02 20:01:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix for memory leak in RSA-SSA signing

Browse source 
Fix in mbedtls_rsa_rsassa_pkcs1_v15_sign() in rsa.c. Resolves github issue #372
This commit is contained in:
Simon Butcher 2016-01-02 00:03:39 +00:00
parent a192c8f5d8
commit 7d3f3a8ac8
2 changed files with 10 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ChangeLog
View file

@ -7,6 +7,8 @@ Bugfix
* Fix bug in certificate validation that caused valid chains to be rejected * Fix bug in certificate validation that caused valid chains to be rejected
when the first intermediate certificate has pathLenConstraint=0. Found by when the first intermediate certificate has pathLenConstraint=0. Found by
Nicholas Wilson. Introduced in mbed TLS 1.3.15. #280 Nicholas Wilson. Introduced in mbed TLS 1.3.15. #280
* Removed potential leak in mbedtls_rsa_rsassa_pkcs1_v15_sign(), found by
JayaraghavendranK. #372
= mbed TLS 1.3.15 released 2015-11-04 = mbed TLS 1.3.15 released 2015-11-04

10
library/rsa.c
View file

@ -1082,10 +1082,16 @@ int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx,
* temporary buffer and check it before returning it. * temporary buffer and check it before returning it.
*/ */
sig_try = polarssl_malloc( ctx->len ); sig_try = polarssl_malloc( ctx->len );
verif = polarssl_malloc( ctx->len ); if( sig_try == NULL )
if( sig_try == NULL || verif == NULL )
return( POLARSSL_ERR_MPI_MALLOC_FAILED ); return( POLARSSL_ERR_MPI_MALLOC_FAILED );
verif = polarssl_malloc( ctx->len );
if( verif == NULL )
{
polarssl_free( sig_try );
return( POLARSSL_ERR_MPI_MALLOC_FAILED );
}
MPI_CHK( rsa_private( ctx, f_rng, p_rng, sig, sig_try ) ); MPI_CHK( rsa_private( ctx, f_rng, p_rng, sig, sig_try ) );
MPI_CHK( rsa_public( ctx, sig_try, verif ) ); MPI_CHK( rsa_public( ctx, sig_try, verif ) );