Merge remote-tracking branch 'public/pr/1772' into mbedtls-2.7

This commit is contained in:
Simon Butcher 2018-06-27 11:08:33 +01:00
commit c5edf81065
2 changed files with 12 additions and 19 deletions

View file

@ -5,6 +5,8 @@ mbed TLS ChangeLog (Sorted per branch, date)
Bugfix Bugfix
* Change the shebang line in Perl scripts to look up perl in the PATH. * Change the shebang line in Perl scripts to look up perl in the PATH.
Contributed by fbrosson in #1533. Contributed by fbrosson in #1533.
* Fix a memory leak in mbedtls_x509_csr_parse(), found by catenacyber,
Philippe Antoine.
= mbed TLS 2.7.4 branch released 2018-06-18 = mbed TLS 2.7.4 branch released 2018-06-18

View file

@ -278,34 +278,25 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
#if defined(MBEDTLS_PEM_PARSE_C) #if defined(MBEDTLS_PEM_PARSE_C)
mbedtls_pem_init( &pem );
/* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
if( buf[buflen - 1] != '\0' ) if( buf[buflen - 1] == '\0' )
ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; {
else mbedtls_pem_init( &pem );
ret = mbedtls_pem_read_buffer( &pem, ret = mbedtls_pem_read_buffer( &pem,
"-----BEGIN CERTIFICATE REQUEST-----", "-----BEGIN CERTIFICATE REQUEST-----",
"-----END CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----",
buf, NULL, 0, &use_len ); buf, NULL, 0, &use_len );
if( ret == 0 ) if( ret == 0 )
{ /*
/* * Was PEM encoded, parse the result
* Was PEM encoded, parse the result */
*/ ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen );
if( ( ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen ) ) != 0 )
return( ret );
mbedtls_pem_free( &pem ); mbedtls_pem_free( &pem );
return( 0 ); if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
return( ret );
} }
else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
{
mbedtls_pem_free( &pem );
return( ret );
}
else
#endif /* MBEDTLS_PEM_PARSE_C */ #endif /* MBEDTLS_PEM_PARSE_C */
return( mbedtls_x509_csr_parse_der( csr, buf, buflen ) ); return( mbedtls_x509_csr_parse_der( csr, buf, buflen ) );
} }