cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-14 17:47:46 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6523 from daverodgman/fix_ssl_zeroize-2.28

Browse Source 
Fix zeroization at NULL pointer - 2.28 backport
This commit is contained in:
Dave Rodgman 2022-11-01 20:50:33 +00:00 committed by GitHub
commit 35e2b2b2bd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog.d/fix_zeroization.txt Normal file
View File

@ -0,0 +1,3 @@
Bugfix
* Fix possible crash in TLS PRF code, if a failure to allocate memory occurs.
Reported by Michael Madsen in #6516.

4
library/ssl_tls.c
View File

@ -760,7 +760,9 @@ static int tls_prf_generic( mbedtls_md_type_t md_type,
exit: exit:
mbedtls_md_free( &md_ctx ); mbedtls_md_free( &md_ctx );
mbedtls_platform_zeroize( tmp, tmp_len ); if ( tmp != NULL )
mbedtls_platform_zeroize( tmp, tmp_len );
mbedtls_platform_zeroize( h_i, sizeof( h_i ) ); mbedtls_platform_zeroize( h_i, sizeof( h_i ) );
mbedtls_free( tmp ); mbedtls_free( tmp );