From 1285ab5dc26948e6f937f6ab0cdabe5ffca11259 Mon Sep 17 00:00:00 2001
From: Simon Butcher
Date: Fri, 1 Jan 2016 21:42:47 +0000
Subject: [PATCH] Fix for memory leak in RSA-SSA signing

Fix in mbedtls_rsa_rsassa_pkcs1_v15_sign() in rsa.c
---
 ChangeLog | 4 +++-
 library/rsa.c | 10 ++++++++--
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 00b19ecf6..80761d249 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -13,8 +13,10 @@ Bugfix
 * Fix bug in certificate validation that caused valid chains to be rejected when the first intermediate certificate has pathLenConstraint=0. Found by Nicholas Wilson. Introduced in mbed TLS 2.2.0. #280
+ * Removed potential leak in mbedtls_rsa_rsassa_pkcs1_v15_sign(), found by
+ JayaraghavendranK. #372
-Changes
+Change
 * To avoid dropping an entire DTLS datagram if a single record in a datagram is invalid, we now only drop the record and look at subsequent records (if any are presemt) in the same datagram to avoid interoperability issues.
diff --git a/library/rsa.c b/library/rsa.c
index 1f907b764..efdd055c4 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -1086,10 +1086,16 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
 * temporary buffer and check it before returning it.
 */
 sig_try = mbedtls_calloc( 1, ctx->len );
- verif = mbedtls_calloc( 1, ctx->len );
- if( sig_try == NULL || verif == NULL )
+ if( sig_try == NULL )
 return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
+ verif = mbedtls_calloc( 1, ctx->len );
+ if( verif == NULL )
+ {
+ mbedtls_free( sig_try );
+ return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
+ }
+
 MBEDTLS_MPI_CHK( mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig_try ) );
 MBEDTLS_MPI_CHK( mbedtls_rsa_public( ctx, sig_try, verif ) );
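Review bot: In the library/rsa.c hunk, the exits taken after `mbedtls_rsa_private()` need more than the plain `mbedtls_free( sig_try )` used on the new `verif == NULL` path, because by then `sig_try` holds a signature that has not been checked yet. On the new path the buffer has only just come back from `mbedtls_calloc` and is presumably still zero-filled, so freeing it directly is fine; a comment such as `/* sig_try not written yet, nothing to wipe */` above that call would make the distinction explicit. The cleanup that the `MBEDTLS_MPI_CHK` lines presumably jump to is outside this hunk, so it is worth confirming that it clears `ctx->len` bytes of both `sig_try` and `verif` before freeing them, since the comment at the top of the hunk gives checking the result before returning it as the reason for the temporary buffer. The function body starts and ends outside the hunk.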