authorBence Szépkúti <bence.szepkuti@arm.com>2022-12-12 21:37:36 +0100
committerBence Szépkúti <bence.szepkuti@arm.com>2022-12-12 21:59:03 +0100
commitf7641544eafeaf0c71d109fbbec1d9f8aa2e74d8 (patch)
tree7e26651b48b34e04ed1dc84a621e8d1a3b0cf02e
parent1362c5ab16015c6510a10a90ee2b4839e1ed39c9 (diff)
Correct the fix for the PKCS 7 memory leak
This corrects an issue in the original fix in 4f01121f6e598c51e42a69f3fd9a54846013117a. Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
-rw-r--r--library/pkcs7.c45
1 files changed, 23 insertions, 22 deletions
diff --git a/library/pkcs7.c b/library/pkcs7.c
index 5b22afac9..9100980f6 100644
--- a/library/pkcs7.c
+++ b/library/pkcs7.c
@@ -253,6 +253,24 @@ static int pkcs7_get_signature( unsigned char **p, unsigned char *end,
return( 0 );
}
+static void pkcs7_free_signer_info( mbedtls_pkcs7_signer_info *signer )
+{
+ mbedtls_x509_name *name_cur;
+ mbedtls_x509_name *name_prv;
+
+ if( signer == NULL )
+ return;
+
+ name_cur = signer->issuer.next;
+ while( name_cur != NULL )
+ {
+ name_prv = name_cur;
+ name_cur = name_cur->next;
+ mbedtls_free( name_prv );
+ }
+ signer->issuer.next = NULL;
+}
+
/**
* SignerInfo ::= SEQUENCE {
* version Version;
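Review bot: `pkcs7_free_signer_info` is moved up without a comment, and its name promises more than the body does. The visible lines free only the nodes reached from `signer->issuer.next` and then reset that pointer to NULL; the embedded head `signer->issuer` and the `signer` struct itself are left to the caller. I would add above the function: `/* Free the heap-allocated tail of signer->issuer. Does not free signer itself; safe to call repeatedly. */`.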
@@ -329,33 +347,16 @@ static int pkcs7_get_signer_info( unsigned char **p, unsigned char *end,
ret = MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO;
out:
- if( asn1_ret != 0 )
+ if( asn1_ret != 0 || ret != 0 )
+ {
+ pkcs7_free_signer_info( signer );
ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO,
asn1_ret );
- else if( ret != 0 )
- ret = MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO;
+ }
return( ret );
}
-static void pkcs7_free_signer_info( mbedtls_pkcs7_signer_info *signer )
-{
- mbedtls_x509_name *name_cur;
- mbedtls_x509_name *name_prv;
-
- if( signer == NULL )
- return;
-
- name_cur = signer->issuer.next;
- while( name_cur != NULL )
- {
- name_prv = name_cur;
- name_cur = name_cur->next;
- mbedtls_free( name_prv );
- }
- signer->issuer.next = NULL;
-}
-
/**
* SignerInfos ::= SET of SignerInfo
* Return number of signers added to the signed data,
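Review bot: The cleanup under `out:` now calls `pkcs7_free_signer_info( signer )` on every failure, which may include failures before the issuer name has been parsed (the body of pkcs7_get_signer_info starts outside this hunk). The walk over `signer->issuer.next` is therefore only safe if the caller hands in a zero-initialised struct, and that precondition is not stated in the visible lines. A line in the function's header comment such as `signer must be zero-initialised by the caller; on failure its issuer list is freed` would pin it down. The diffstat shows only library/pkcs7.c changing, so a regression test that feeds a truncated SignerInfo to a leak-checking build would be worth adding alongside.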
@@ -387,7 +388,7 @@ static int pkcs7_get_signers_info_set( unsigned char **p, unsigned char *end,
ret = pkcs7_get_signer_info( p, end_set, signers_set );
if( ret != 0 )
- goto cleanup;
+ return( ret );
count++;
mbedtls_pkcs7_signer_info *prev = signers_set;
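Review bot: The bare `return( ret );` after the first `pkcs7_get_signer_info` call is correct only because that function now frees the signer's issuer list itself on failure, and nothing at this site says so. A short comment, e.g. `/* pkcs7_get_signer_info() has already released signers_set's issuer list */`, would keep a later reader from reintroducing the jump to `cleanup`. As far as the hunk shows, that jump would pass over the initialisation of `prev` on the following lines. The rest of pkcs7_get_signers_info_set, including the `cleanup` label, is outside the hunk.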