yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-10 11:55:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixed potential memory leak when failing to resume a session

Browse source 
Conflicts:
	ChangeLog
	library/ssl_tls.c
This commit is contained in:
Paul Bakker 2013-09-11 11:45:41 +02:00
parent 16e5f81473
commit df177ba728
2 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
ChangeLog
View file

@ -1,6 +1,9 @@
PolarSSL ChangeLog PolarSSL ChangeLog
= Branch 1.1 = Branch 1.1
Bugfix
* Fixed potential memory leak when failing to resume a session
Security Security
* Potential buffer-overflow for ssl_read_record() (independently found by * Potential buffer-overflow for ssl_read_record() (independently found by
both TrustInSoft and Paul Brodeur of Leviathan Security Group) both TrustInSoft and Paul Brodeur of Leviathan Security Group)

7
library/ssl_tls.c
View file

@ -1444,6 +1444,13 @@ int ssl_parse_certificate( ssl_context *ssl )
return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE ); return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE );
} }
/* In case we tried to reuse a session but it failed */
if( ssl->peer_cert != NULL )
{
x509_free( ssl->peer_cert );
free( ssl->peer_cert );
}
if( ( ssl->peer_cert = (x509_cert *) malloc( if( ( ssl->peer_cert = (x509_cert *) malloc(
sizeof( x509_cert ) ) ) == NULL ) sizeof( x509_cert ) ) ) == NULL )
{ {