mirror of
				https://github.com/Mbed-TLS/mbedtls.git
				synced 2025-10-24 13:32:59 +03:00 
			
		
		
		
	Merge pull request #980 from Mbed-TLS/mbedtls-3.3.0rc1-pr
Mbedtls 3.3.0rc1 pr - Correct PKCS 7 memory leak fix
This commit is contained in:
		| @@ -253,6 +253,24 @@ static int pkcs7_get_signature( unsigned char **p, unsigned char *end, | ||||
|     return( 0 ); | ||||
| } | ||||
|  | ||||
| static void pkcs7_free_signer_info( mbedtls_pkcs7_signer_info *signer ) | ||||
| { | ||||
|     mbedtls_x509_name *name_cur; | ||||
|     mbedtls_x509_name *name_prv; | ||||
|  | ||||
|     if( signer == NULL ) | ||||
|         return; | ||||
|  | ||||
|     name_cur = signer->issuer.next; | ||||
|     while( name_cur != NULL ) | ||||
|     { | ||||
|         name_prv = name_cur; | ||||
|         name_cur = name_cur->next; | ||||
|         mbedtls_free( name_prv ); | ||||
|     } | ||||
|     signer->issuer.next = NULL; | ||||
| } | ||||
|  | ||||
| /** | ||||
|  * SignerInfo ::= SEQUENCE { | ||||
|  *      version Version; | ||||
| @@ -329,33 +347,16 @@ static int pkcs7_get_signer_info( unsigned char **p, unsigned char *end, | ||||
|         ret = MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO; | ||||
|  | ||||
| out: | ||||
|     if( asn1_ret != 0 ) | ||||
|     if( asn1_ret != 0 || ret != 0 ) | ||||
|     { | ||||
|         pkcs7_free_signer_info( signer ); | ||||
|         ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO, | ||||
|                                     asn1_ret ); | ||||
|     else if( ret != 0 ) | ||||
|         ret = MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO; | ||||
|     } | ||||
|  | ||||
|     return( ret ); | ||||
| } | ||||
|  | ||||
| static void pkcs7_free_signer_info( mbedtls_pkcs7_signer_info *signer ) | ||||
| { | ||||
|     mbedtls_x509_name *name_cur; | ||||
|     mbedtls_x509_name *name_prv; | ||||
|  | ||||
|     if( signer == NULL ) | ||||
|         return; | ||||
|  | ||||
|     name_cur = signer->issuer.next; | ||||
|     while( name_cur != NULL ) | ||||
|     { | ||||
|         name_prv = name_cur; | ||||
|         name_cur = name_cur->next; | ||||
|         mbedtls_free( name_prv ); | ||||
|     } | ||||
|     signer->issuer.next = NULL; | ||||
| } | ||||
|  | ||||
| /** | ||||
|  * SignerInfos ::= SET of SignerInfo | ||||
|  * Return number of signers added to the signed data, | ||||
| @@ -387,7 +388,7 @@ static int pkcs7_get_signers_info_set( unsigned char **p, unsigned char *end, | ||||
|  | ||||
|     ret = pkcs7_get_signer_info( p, end_set, signers_set ); | ||||
|     if( ret != 0 ) | ||||
|         goto cleanup; | ||||
|         return( ret ); | ||||
|     count++; | ||||
|  | ||||
|     mbedtls_pkcs7_signer_info *prev = signers_set; | ||||
|   | ||||
| @@ -68,7 +68,7 @@ pkcs7_parse:"data_files/pkcs7_get_signers_info_set-missing_free-fuzz_pkcs7-62139 | ||||
|  | ||||
| pkcs7_get_signers_info_set error handling (4541044530479104) | ||||
| depends_on:MBEDTLS_RIPEMD160_C | ||||
| pkcs7_parse:"data_files/pkcs7_get_signers_info_set-missing_free-fuzz_pkcs7-6213931373035520.der":MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG | ||||
| pkcs7_parse:"data_files/pkcs7_get_signers_info_set-leak-fuzz_pkcs7-4541044530479104.der":MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO | ||||
|  | ||||
| PKCS7 Only Signed Data Parse Pass #15 | ||||
| depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C | ||||
|   | ||||
		Reference in New Issue
	
	Block a user