From 57207711d8287e1c283797faeb402a1c16d8fc4b Mon Sep 17 00:00:00 2001 From: Przemek Stekiel Date: Fri, 24 Feb 2023 14:03:30 +0100 Subject: [PATCH] Add MBEDTLS_ASN1_CHK_CLEANUP_ADD macro to be able to release memory on failure Signed-off-by: Przemek Stekiel --- include/mbedtls/asn1write.h | 9 +++++++++ library/x509write_csr.c | 35 +++++++++++++++++++++-------------- 2 files changed, 30 insertions(+), 14 deletions(-) diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index acfc073915..da7375962c 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h @@ -35,6 +35,15 @@ (g) += ret; \ } while (0) +#define MBEDTLS_ASN1_CHK_CLEANUP_ADD(g, f) \ + do \ + { \ + if ((ret = (f)) < 0) \ + goto cleanup; \ + else \ + (g) += ret; \ + } while (0) + #ifdef __cplusplus extern "C" { #endif diff --git a/library/x509write_csr.c b/library/x509write_csr.c index a1a1206c0b..45e9187766 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -99,7 +99,7 @@ int mbedtls_x509write_csr_set_subject_alternative_name(mbedtls_x509write_csr *ct /* Determine the maximum size of the SubjectAltName list */ while (cur != NULL) { /* Calculate size of the required buffer */ - switch(cur->node.type) { + switch (cur->node.type) { case MBEDTLS_X509_SAN_DNS_NAME: case MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER: case MBEDTLS_X509_SAN_IP_ADDRESS: @@ -139,15 +139,20 @@ int mbedtls_x509write_csr_set_subject_alternative_name(mbedtls_x509write_csr *ct case MBEDTLS_X509_SAN_DNS_NAME: case MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER: case MBEDTLS_X509_SAN_IP_ADDRESS: - MBEDTLS_ASN1_CHK_ADD(len, - mbedtls_asn1_write_raw_buffer(&p, buf, - (const unsigned char *) cur->node.san.unstructured_name.p, - cur->node.san.unstructured_name.len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, cur->node.san.unstructured_name.len)); - MBEDTLS_ASN1_CHK_ADD(len, - mbedtls_asn1_write_tag(&p, buf, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | - cur->node.type)); + MBEDTLS_ASN1_CHK_CLEANUP_ADD(len, + mbedtls_asn1_write_raw_buffer(&p, buf, + (const unsigned char *) + cur->node.san. + unstructured_name.p, + cur->node.san. + unstructured_name.len)); + MBEDTLS_ASN1_CHK_CLEANUP_ADD(len, mbedtls_asn1_write_len(&p, buf, + cur->node.san. + unstructured_name.len)); + MBEDTLS_ASN1_CHK_CLEANUP_ADD(len, + mbedtls_asn1_write_tag(&p, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | + cur->node.type)); break; default: /* Skip unsupported names. */ @@ -156,10 +161,11 @@ int mbedtls_x509write_csr_set_subject_alternative_name(mbedtls_x509write_csr *ct cur = cur->next; } - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, len)); - MBEDTLS_ASN1_CHK_ADD(len, - mbedtls_asn1_write_tag(&p, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)); + MBEDTLS_ASN1_CHK_CLEANUP_ADD(len, mbedtls_asn1_write_len(&p, buf, len)); + MBEDTLS_ASN1_CHK_CLEANUP_ADD(len, + mbedtls_asn1_write_tag(&p, buf, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); ret = mbedtls_x509write_csr_set_extension( ctx, @@ -169,6 +175,7 @@ int mbedtls_x509write_csr_set_subject_alternative_name(mbedtls_x509write_csr *ct buf + buflen - len, len); +cleanup: mbedtls_free(buf); return ret; }