Fix potential double-free in ssl_set_psk()

Internal ref: IOTSSL-517
This commit is contained in:
Manuel Pégourié-Gonnard 2015-10-27 10:54:53 +01:00
parent ad9c68ab21
commit 9c52176776
2 changed files with 9 additions and 0 deletions

View file

@ -1,5 +1,12 @@
mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS 1.3.15 released 2015-10-xx
Security
* Fix potential double free if ssl_set_psk() is called more than once and
some allocation fails. Cannot be forced remotely. Found by Guido Vranken,
Intelworks.
= mbed TLS 1.3.14 released 2015-10-06
Security

View file

@ -4058,6 +4058,8 @@ int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len,
{
polarssl_free( ssl->psk );
polarssl_free( ssl->psk_identity );
ssl->psk = NULL;
ssl->psk_identity = NULL;
}
if( ( ssl->psk = polarssl_malloc( psk_len ) ) == NULL ||