mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 09:35:39 +00:00
Fix potential double-free in ssl_set_psk()
Internal ref: IOTSSL-517
This commit is contained in:
parent
ad9c68ab21
commit
9c52176776
|
@ -1,5 +1,12 @@
|
|||
mbed TLS ChangeLog (Sorted per branch, date)
|
||||
|
||||
= mbed TLS 1.3.15 released 2015-10-xx
|
||||
|
||||
Security
|
||||
* Fix potential double free if ssl_set_psk() is called more than once and
|
||||
some allocation fails. Cannot be forced remotely. Found by Guido Vranken,
|
||||
Intelworks.
|
||||
|
||||
= mbed TLS 1.3.14 released 2015-10-06
|
||||
|
||||
Security
|
||||
|
|
|
@ -4058,6 +4058,8 @@ int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len,
|
|||
{
|
||||
polarssl_free( ssl->psk );
|
||||
polarssl_free( ssl->psk_identity );
|
||||
ssl->psk = NULL;
|
||||
ssl->psk_identity = NULL;
|
||||
}
|
||||
|
||||
if( ( ssl->psk = polarssl_malloc( psk_len ) ) == NULL ||
|
||||
|
|
Loading…
Reference in a new issue