mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-25 22:11:12 +00:00
Fix potential double-free in ssl_set_psk()
Internal ref: IOTSSL-517
This commit is contained in:
parent
ad9c68ab21
commit
9c52176776
|
@ -1,5 +1,12 @@
|
||||||
mbed TLS ChangeLog (Sorted per branch, date)
|
mbed TLS ChangeLog (Sorted per branch, date)
|
||||||
|
|
||||||
|
= mbed TLS 1.3.15 released 2015-10-xx
|
||||||
|
|
||||||
|
Security
|
||||||
|
* Fix potential double free if ssl_set_psk() is called more than once and
|
||||||
|
some allocation fails. Cannot be forced remotely. Found by Guido Vranken,
|
||||||
|
Intelworks.
|
||||||
|
|
||||||
= mbed TLS 1.3.14 released 2015-10-06
|
= mbed TLS 1.3.14 released 2015-10-06
|
||||||
|
|
||||||
Security
|
Security
|
||||||
|
|
|
@ -4058,6 +4058,8 @@ int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len,
|
||||||
{
|
{
|
||||||
polarssl_free( ssl->psk );
|
polarssl_free( ssl->psk );
|
||||||
polarssl_free( ssl->psk_identity );
|
polarssl_free( ssl->psk_identity );
|
||||||
|
ssl->psk = NULL;
|
||||||
|
ssl->psk_identity = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ( ssl->psk = polarssl_malloc( psk_len ) ) == NULL ||
|
if( ( ssl->psk = polarssl_malloc( psk_len ) ) == NULL ||
|
||||||
|
|
Loading…
Reference in a new issue