Fix memory leak in CSR test suite on failure

This commit is contained in:
Hanno Becker 2019-06-03 16:28:24 +01:00 committed by Andrzej Kurek
parent 2fcdd7446e
commit bf2dacb8fe

View file

@ -39,26 +39,36 @@ static int x509_crt_verifycsr( const unsigned char *buf, size_t buflen )
unsigned char hash[MBEDTLS_MD_MAX_SIZE]; unsigned char hash[MBEDTLS_MD_MAX_SIZE];
const mbedtls_md_info_t *md_info; const mbedtls_md_info_t *md_info;
mbedtls_x509_csr csr; mbedtls_x509_csr csr;
int ret = 0;
mbedtls_x509_csr_init( &csr );
if( mbedtls_x509_csr_parse( &csr, buf, buflen ) != 0 ) if( mbedtls_x509_csr_parse( &csr, buf, buflen ) != 0 )
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); {
ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
goto cleanup;
}
md_info = mbedtls_md_info_from_type( csr.sig_md ); md_info = mbedtls_md_info_from_type( csr.sig_md );
if( mbedtls_md( md_info, csr.cri.p, csr.cri.len, hash ) != 0 ) if( mbedtls_md( md_info, csr.cri.p, csr.cri.len, hash ) != 0 )
{ {
/* Note: this can't happen except after an internal error */ /* Note: this can't happen except after an internal error */
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
goto cleanup;
} }
if( mbedtls_pk_verify_ext( csr.sig_pk, csr.sig_opts, &csr.pk, if( mbedtls_pk_verify_ext( csr.sig_pk, csr.sig_opts, &csr.pk,
csr.sig_md, hash, mbedtls_md_get_size( md_info ), csr.sig_md, hash, mbedtls_md_get_size( md_info ),
csr.sig.p, csr.sig.len ) != 0 ) csr.sig.p, csr.sig.len ) != 0 )
{ {
return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ); ret = MBEDTLS_ERR_X509_CERT_VERIFY_FAILED;
goto cleanup;
} }
cleanup:
mbedtls_x509_csr_free( &csr ); mbedtls_x509_csr_free( &csr );
return( 0 ); return( ret );
} }
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO */