mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-04 06:40:03 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix memory leak.

Browse Source 
The function reset_checksum() can be called more than once with the same
handshake context (this happens with DTLS clients, and perhaps in other
cases as well). When that happens, we need to free the old MD contexts
before setting them up again.

Note: the PSA path was already doing the right thing by calling abort,
we just needed to do the same on the MD path.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2023-03-06 11:59:59 +01:00
parent 02d55d5825
commit 947cee18a1
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
library/ssl_tls.c
View File

@ -839,6 +839,8 @@ int mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl)
return mbedtls_md_error_from_psa(status);
}
#else
mbedtls_md_free(&ssl->handshake->fin_sha256);
mbedtls_md_init(&ssl->handshake->fin_sha256);
ret = mbedtls_md_setup(&ssl->handshake->fin_sha256,
mbedtls_md_info_from_type(MBEDTLS_MD_SHA256),
0);
@ -862,6 +864,8 @@ int mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl)
return mbedtls_md_error_from_psa(status);
}
#else
mbedtls_md_free(&ssl->handshake->fin_sha384);
mbedtls_md_init(&ssl->handshake->fin_sha384);
ret = mbedtls_md_setup(&ssl->handshake->fin_sha384,
mbedtls_md_info_from_type(MBEDTLS_MD_SHA384), 0);
if (ret != 0) {