arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-04-27 21:16:50 +03:00
Code

Add OOM check and debug message in CertStore (#5820)

Browse Source 
Fixes #5819
This commit is contained in:
Earle F. Philhower, III 2019-02-26 02:46:25 +00:00 committed by GitHub
parent d507c799f7
commit 95cf925719
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
libraries/ESP8266WiFi/src/CertStoreBearSSL.cpp
View File

@ -20,6 +20,13 @@
#include "CertStoreBearSSL.h" #include "CertStoreBearSSL.h"
#include <memory> #include <memory>
#ifdef DEBUG_ESP_SSL
#define DEBUG_BSSL(fmt, ...) DEBUG_ESP_PORT.printf_P((PGM_P)PSTR( "BSSL:" fmt), ## __VA_ARGS__)
#else
#define DEBUG_BSSL(...)
#endif
namespace BearSSL { namespace BearSSL {
extern "C" { extern "C" {
@ -39,6 +46,11 @@ CertStore::CertInfo CertStore::_preprocessCert(uint32_t length, uint32_t offset,
// Process it using SHA256, same as the hashed_dn // Process it using SHA256, same as the hashed_dn
br_x509_decoder_context *ctx = new br_x509_decoder_context; br_x509_decoder_context *ctx = new br_x509_decoder_context;
br_sha256_context *sha256 = new br_sha256_context; br_sha256_context *sha256 = new br_sha256_context;
if (!ctx || !sha256) {
DEBUG_BSSL("CertStore::_preprocessCert: OOM\n");
return ci;
}
br_sha256_init(sha256); br_sha256_init(sha256);
br_x509_decoder_init(ctx, dn_append, sha256, nullptr, nullptr); br_x509_decoder_init(ctx, dn_append, sha256, nullptr, nullptr);
br_x509_decoder_push(ctx, (const void*)raw, length); br_x509_decoder_push(ctx, (const void*)raw, length);
@ -172,6 +184,10 @@ const br_x509_trust_anchor *CertStore::findHashedTA(void *ctx, void *hashed_dn,
cs->_data->close(); cs->_data->close();
cs->_x509 = new X509List(der, ci.length); cs->_x509 = new X509List(der, ci.length);
free(der); free(der);
if (!cs->_x509) {
DEBUG_BSSL("CertStore::findHashedTA: OOM\n");
return nullptr;
}
br_x509_trust_anchor *ta = (br_x509_trust_anchor*)cs->_x509->getTrustAnchors(); br_x509_trust_anchor *ta = (br_x509_trust_anchor*)cs->_x509->getTrustAnchors();
memcpy(ta->dn.data, ci.sha256, sizeof(ci.sha256)); memcpy(ta->dn.data, ci.sha256, sizeof(ci.sha256));