From 3820c150d1e67e50cca06707f1e401867a0f03a7 Mon Sep 17 00:00:00 2001
From: Paul Elliott <paul.elliott@arm.com>
Date: Thu, 9 Dec 2021 12:48:51 +0000
Subject: [PATCH 1/2] Prevent resource leak

If -f was used as an argument twice to the program, then it would leak
the file resource, due to overwriting it on the second pass

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
---
 programs/ssl/ssl_context_info.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c
index 5ad9120321..999bfe89b2 100644
--- a/programs/ssl/ssl_context_info.c
+++ b/programs/ssl/ssl_context_info.c
@@ -219,7 +219,13 @@ void parse_arguments( int argc, char *argv[] )
                 error_exit();
             }
 
-            if( ( b64_file = fopen( argv[i], "r" ) ) == NULL )
+            if( NULL != b64_file )
+            {
+                printf_err( "Cannot specify more than one file with -f\n" );
+                error_exit( );
+            }
+
+            if( ( b64_file = fopen( argv[i], "r" )) == NULL )
             {
                 printf_err( "Cannot find file \"%s\"\n", argv[i] );
                 error_exit();

From ef9cccaf3cc0986766917e7c79b97ba1cc457c70 Mon Sep 17 00:00:00 2001
From: Paul Elliott <paul.elliott@arm.com>
Date: Thu, 9 Dec 2021 14:48:47 +0000
Subject: [PATCH 2/2] Fix printf format specifier

Also mark function as printf variant so compiler will pickup any future
issues.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
---
 programs/ssl/ssl_context_info.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c
index 999bfe89b2..62c3cc52b7 100644
--- a/programs/ssl/ssl_context_info.c
+++ b/programs/ssl/ssl_context_info.c
@@ -20,6 +20,7 @@
 #define MBEDTLS_ALLOW_PRIVATE_ACCESS
 
 #include "mbedtls/build_info.h"
+#include "mbedtls/debug.h"
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -161,6 +162,7 @@ void printf_dbg( const char *str, ... )
     }
 }
 
+MBEDTLS_PRINTF_ATTRIBUTE( 1, 2 )
 void printf_err( const char *str, ... )
 {
     va_list args;
@@ -467,7 +469,8 @@ size_t read_next_b64_code( uint8_t **b64, size_t *max_len )
             }
             else if( len > *max_len )
             {
-                printf_err( "The code found is too large by %u bytes.\n", len - *max_len );
+                printf_err( "The code found is too large by %" MBEDTLS_PRINTF_SIZET " bytes.\n",
+                            len - *max_len );
                 len = pad = 0;
             }
             else if( len % 4 != 0 )