Fix memory leak in client/server2
context_buf was never free()d. Moreover, since we want to free it on error paths as well, and even properly zeroize it in order to demonstrate good memory hygiene, we need to make it and its length main()-scoped.
parent
c2a7b891a1
commit
3309a67996
@ -1083,6 +1083,10 @@ int main( int argc, char *argv[] )
|
||||
#endif
|
||||
char *p, *q;
|
||||
const int *list;
|
||||
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
|
||||
unsigned char *context_buf = NULL;
|
||||
size_t context_buf_len;
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_EXPORT_KEYS)
|
||||
unsigned char eap_tls_keymaterial[16];
|
||||
unsigned char eap_tls_iv[8];
|
||||
@ -2922,7 +2926,6 @@ send_request:
|
||||
if( opt.serialize != 0 )
|
||||
{
|
||||
size_t buf_len;
|
||||
unsigned char *context_buf = NULL;
|
||||
|
||||
mbedtls_printf( " . Serializing live connection..." );
|
||||
|
||||
@ -2942,6 +2945,7 @@ send_request:
|
||||
|
||||
goto exit;
|
||||
}
|
||||
context_buf_len = buf_len;
|
||||
|
||||
if( ( ret = mbedtls_ssl_context_save( &ssl, context_buf,
|
||||
buf_len, &buf_len ) ) != 0 )
|
||||
@ -3012,6 +3016,10 @@ send_request:
|
||||
goto exit;
|
||||
}
|
||||
|
||||
mbedtls_free( context_buf );
|
||||
context_buf = NULL;
|
||||
context_buf_len = 0;
|
||||
|
||||
mbedtls_printf( " ok\n" );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
|
||||
@ -3152,6 +3160,11 @@ exit:
|
||||
if( session_data != NULL )
|
||||
mbedtls_platform_zeroize( session_data, session_data_len );
|
||||
mbedtls_free( session_data );
|
||||
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
|
||||
if( context_buf != NULL )
|
||||
mbedtls_platform_zeroize( context_buf, context_buf_len );
|
||||
mbedtls_free( context_buf );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \
|
||||
defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
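Review bot: The success path in the hunk at `@ -3012,6 +3016,10` releases the buffer with a bare `mbedtls_free( context_buf );`, while the `exit:` path added further down wipes it with `mbedtls_platform_zeroize( context_buf, context_buf_len )` first. The buffer holds the output of `mbedtls_ssl_context_save()`, which presumably contains the live connection's key material, so the normal path returns it to the heap intact. Adding `mbedtls_platform_zeroize( context_buf, context_buf_len );` on the line before that `mbedtls_free` would match the exit path and the hygiene goal stated in the commit message. The matching hunk at `@ -4044,6 +4048,10` in the second file has the same gap. The enclosing `if( opt.serialize != 0 )` block starts outside the hunk.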
|
@ -1727,6 +1727,10 @@ int main( int argc, char *argv[] )
|
||||
size_t cid_len = 0;
|
||||
size_t cid_renego_len = 0;
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
|
||||
unsigned char *context_buf = NULL;
|
||||
size_t context_buf_len;
|
||||
#endif
|
||||
|
||||
int i;
|
||||
char *p, *q;
|
||||
@ -3933,7 +3937,6 @@ data_exchange:
|
||||
if( opt.serialize != 0 )
|
||||
{
|
||||
size_t buf_len;
|
||||
unsigned char *context_buf = NULL;
|
||||
|
||||
mbedtls_printf( " . Serializing live connection..." );
|
||||
|
||||
@ -3953,6 +3956,7 @@ data_exchange:
|
||||
|
||||
goto exit;
|
||||
}
|
||||
context_buf_len = buf_len;
|
||||
|
||||
if( ( ret = mbedtls_ssl_context_save( &ssl, context_buf,
|
||||
buf_len, &buf_len ) ) != 0 )
|
||||
@ -4044,6 +4048,10 @@ data_exchange:
|
||||
goto exit;
|
||||
}
|
||||
|
||||
mbedtls_free( context_buf );
|
||||
context_buf = NULL;
|
||||
context_buf_len = 0;
|
||||
|
||||
mbedtls_printf( " ok\n" );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
|
||||
@ -4155,6 +4163,12 @@ exit:
|
||||
|
||||
mbedtls_free( buf );
|
||||
|
||||
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
|
||||
if( context_buf != NULL )
|
||||
mbedtls_platform_zeroize( context_buf, context_buf_len );
|
||||
mbedtls_free( context_buf );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
|
||||
#if defined(MBEDTLS_MEMORY_DEBUG)
|
||||
mbedtls_memory_buffer_alloc_status();
|
||||
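Review bot: `size_t context_buf_len;` is declared without an initializer in the `main()` hunk at `@ -1727,6 +1727,10`, so the cleanup under `exit:` is correct only because `context_buf` is still NULL whenever the length has not yet been assigned. Writing `size_t context_buf_len = 0;` would make the zeroize call safe regardless of statement order, and would avoid maybe-uninitialized warnings that some compilers may raise. The declaration at `@ -1083,6 +1083,10` in the first file has the same form. `main()` extends well beyond these hunks, so other assignments to either variable cannot be ruled out from what is visible here.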
|