mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-28 08:37:25 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #6521 from daverodgman/fix_ssl_zeroize

Browse Source 
Fix zeroization at NULL pointer
This commit is contained in:
Dave Rodgman 2022-11-01 20:50:38 +00:00 committed by GitHub
commit 5f8dfb5393
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog.d/fix_zeroization.txt Normal file
View File

@ -0,0 +1,3 @@
Bugfix
* Fix possible crash in TLS PRF code, if a failure to allocate memory occurs.
Reported by Michael Madsen in #6516.

4
library/ssl_tls.c
View File

@ -5635,7 +5635,9 @@ static int tls_prf_generic( mbedtls_md_type_t md_type,
exit: exit:
mbedtls_md_free( &md_ctx ); mbedtls_md_free( &md_ctx );
mbedtls_platform_zeroize( tmp, tmp_len ); if ( tmp != NULL )
mbedtls_platform_zeroize( tmp, tmp_len );
mbedtls_platform_zeroize( h_i, sizeof( h_i ) ); mbedtls_platform_zeroize( h_i, sizeof( h_i ) );
mbedtls_free( tmp ); mbedtls_free( tmp );